11-Oct-2021 04:06
Hi there!
We have purchased in AWS F5 all rules (OWASP, Bot, API prot. and CVE's)
Atm we want to test all of them, any webpage with common example attacks to test if it works? we can start with Bot Protection.
Thanks all.
29-Oct-2021 14:30
Hello! F5 does not have a webpage to send test attacks at your site but there are third party apps you can use.
We would recommend starting with covering the OWASP attacks as those are most common.
Here is the OWASP testing guide: https://owasp.org/www-project-web-security-testing-guide/
Here is the location of OWASPS free ZAP attack proxy: https://owasp.org/www-project-zap/
After applying the rules and then testing with ZAP, that will test the OWASP top 10 and API type attacks.
CVE attacks are more difficult as there are not always proof of concept attacks that are public.