Skip to content

Add default WAF filter for lightfuzz #2712

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: dev
Choose a base branch
from
Open

Add default WAF filter for lightfuzz #2712

wants to merge 6 commits into from

Conversation

liquidsec
Copy link
Collaborator

No description provided.

@liquidsec liquidsec mentioned this pull request Sep 24, 2025
Closed
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 24, 2025
edited
Loading

📊 Performance Benchmark Report

Comparing dev (baseline) vs lightfuzz-performance (current)

📈 Detailed Results (All Benchmarks)

📋 Complete results for all benchmarks - includes both significant and insignificant changes

🧪 Test Name 📏 Base 📏 Current 📈 Change 🎯 Status
Bloom Filter Dns Mutation Tracking Performance 4.15ms 4.23ms +1.8%
Bloom Filter Large Scale Dns Brute Force 18.16ms 18.37ms +1.2%
Large Closest Match Lookup 346.73ms 354.22ms +2.2%
Realistic Closest Match Workload 189.41ms 190.34ms +0.5%
Event Validation Full Scan Startup Small Batch 458.86ms 459.46ms +0.1%
Event Validation Full Scan Startup Large Batch 835.64ms 811.70ms -2.9%
Make Event Autodetection Small 30.90ms 30.68ms -0.7%
Make Event Autodetection Large 317.56ms 314.11ms -1.1%
Make Event Explicit Types 13.88ms 14.00ms +0.9%
Excavate Single Thread Small 4.070s 3.969s -2.5%
Excavate Single Thread Large 9.604s 9.502s -1.1%
Excavate Parallel Tasks Small 4.266s 4.178s -2.1%
Excavate Parallel Tasks Large 7.318s 7.233s -1.1%
Is Ip Performance 3.20ms 3.15ms -1.4%
Make Ip Type Performance 11.69ms 11.29ms -3.4%
Mixed Ip Operations 4.54ms 4.44ms -2.1%
Typical Queue Shuffle 62.79µs 61.35µs -2.3%
Priority Queue Shuffle 695.98µs 707.14µs +1.6%

🎯 Performance Summary

No significant performance changes detected (all changes <10%)

🐍 Python Version 3.11.13

TheTechromancer
TheTechromancer reviewed Sep 25, 2025
View reviewed changes
bbot/modules/lightfuzz/lightfuzz.py
# If we've disabled fuzzing POST parameters, back out of POSTPARAM WEB_PARAMETER events as quickly as possible
async def filter_event(self, event):
# Unless configured specifically to do so, avoid running against confirmed WAFs
if self.avoid_wafs and any(tag in ["cdn-cloudflare", "cdn-akamai", "cdn-incapsula"] for tag in event.tags):
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we need to track which cloud providers are WAFs, this should be done in cloudcheck

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is that possible now or do we want to hold for a cloudcheck feature?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cloudcheck is about to get rustified so now is a good time to add it

@codecov Codecov
Copy link

codecov bot commented Sep 25, 2025

Codecov Report

❌ Patch coverage is 50.00000% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 92%. Comparing base (212be84) to head (8ffd223).
⚠️ Report is 57 commits behind head on dev.

Files with missing lines Patch % Lines
bbot/modules/lightfuzz/lightfuzz.py 50% 2 Missing ⚠️
Additional details and impacted files 
@@          Coverage Diff          @@
##             dev   #2712   +/-   ##
=====================================
- Coverage     92%     92%   -0%     
=====================================
  Files        410     411    +1     
  Lines      33942   33955   +13     
=====================================
- Hits       31007   30966   -41     
- Misses      2935    2989   +54

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TheTechromancer TheTechromancer TheTechromancer left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@liquidsec @TheTechromancer