cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

AWS F5 Bot Rules Protection ¿any testing page to test effectively use cases?

Oscar77
Nimbostratus
Nimbostratus

Hi there!

 

We have purchased in AWS F5 all rules (OWASP, Bot, API prot. and CVE's)

 

Atm we want to test all of them, any webpage with common example attacks to test if it works? we can start with Bot Protection.

 

Thanks all.

1 REPLY 1

gocker99
F5 Employee
F5 Employee

Hello! F5 does not have a webpage to send test attacks at your site but there are third party apps you can use.

 

We would recommend starting with covering the OWASP attacks as those are most common.

 

Here is the OWASP testing guide: https://owasp.org/www-project-web-security-testing-guide/

 

Here is the location of OWASPS free ZAP attack proxy: https://owasp.org/www-project-zap/

 

After applying the rules and then testing with ZAP, that will test the OWASP top 10 and API type attacks.

CVE attacks are more difficult as there are not always proof of concept attacks that are public.