another use for Lua: Web Application Firewall

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: another use for Lua: Web Application Firewall
From: "Stephen Craig Evans" <stephencraig.evans@...>
Date: Mon, 17 Nov 2008 12:34:30 +0800

Hi,

This is my first post on this forum. In case that somebody is keeping
a list of how Lua is used, I used it extensively in my OWASP (Web
application security) Summer of Code 2008 project, Securing WebGoat
using ModSecurity Project
(http://www.owasp.org/index.php/OWASP_Securing_WebGoat_using_ModSecurity_Project).

Using Lua's programming capabilities, I believe that I'm one of the
first to mitigate a class of vulnerabilities called business logic
flaws using a Web Application Firewall. I gave some presentations on
it a couple of weeks ago at the OWASP EU Summit in Portugal and
received very favorable comments.

You Lua pros will cringe at my primitive use of Lua, but I thought I
would mention on this list that it was used in my project.

Regards,
Stephen Evans

Follow-Ups:
- Re: another use for Lua: Web Application Firewall, Roberto Ierusalimschy

Prev by Date: Re: How to implement a reentrantable library?
Next by Date: [ANN] LuaCairo and CairoPad updated
Previous by thread: Re: [Benchmark] Chain calls
Next by thread: Re: another use for Lua: Web Application Firewall
Index(es):
- Date
- Thread