dvwa
1 TopicUsing iMacros to Expedite ASM Policy Traffic Learning
Hey Everyone, In the ASM Demo Youtube series, the host uses these iMacros (think a selenium web driver) in order to fire off a bunch of SQL injection and other types of attacks at the site (DVWA) which he is building an ASM policy for. This expedites ASM policy learning among other benefits. My question is relatively simple: While I am building the policy ultimately for my companies own proprietary app, is it possible to build the policy against something like the DVWA where I can use iMacros to speed up the learning and fire a bunch of attacks at it to learn, and then after it has picked up some nuances of attack signatures and things like that, can I then apply the policy to my companies' app and move it off of the DVWA where the iMacros were tested on. Will something like this work? Also, any idea where to download some iMacros that are security oriented (as I am not sure I would be confident in covering all of my bases for different attacks that I would like to have ran against the policy to learn before going live in production, and if there were some scripts already out there (commercial is fine) that would be helpful too! Thanks in advance for any advice! Best, -cmm-581Views0likes2Comments