f5-awaf-export-policies

A small script to export all AWAF policies from a BIG-IP device.

This script leverages BIG-IP iControl REST API to export ALL AWAF policies in the system and saves them locally. The policies can be exported in the following formats: xml, plc and json.

Note: JSON format only works with TMOS version 16.x.

Tested with BIG-IP 16.1 but should work with older versions.

Usage

usage: f5-awaf-export-policies.py [-h] --device DEVICE --username USERNAME
                                  --password PASSWORD
                                  [--format {json,xml,plc}] [--output OUTPUT]

A small script to export all AWAF policies from a BIG-IP device.

optional arguments:
  -h, --help            show this help message and exit
  --device DEVICE, -d DEVICE
  --username USERNAME, -u USERNAME
  --password PASSWORD, -p PASSWORD
  --format {json,xml,plc}, -f {json,xml,plc}
  --output OUTPUT, -o OUTPUT

Sample Output

$ python f5-awaf-export-policies.py -d 192.168.0.245 -u admin -p "XXXXXXX" -o ./output 
AWAF Policy /PartitionB/awaf_policy_app4 saved to file ./output/PartitionB-awaf_policy_app4.xml.
AWAF Policy /PartitionB/awaf_policy_app3 saved to file ./output/PartitionB-awaf_policy_app3.xml.
AWAF Policy /PartitionA/awaf_policy_app2 saved to file ./output/PartitionA-awaf_policy_app2.xml.
AWAF Policy /PartitionA/awaf_policy_app1 saved to file ./output/PartitionA-awaf_policy_app1.xml.
AWAF Policy /PartitionC/awaf_policy_app6 saved to file ./output/PartitionC-awaf_policy_app6.xml.
AWAF Policy /PartitionC/awaf_policy_app5 saved to file ./output/PartitionC-awaf_policy_app5.xml.

A small script to export all AWAF policies from a BIG-IP device

Related tags

Overview

f5-awaf-export-policies

Usage

Sample Output

Owner

NExfil is an OSINT tool written in python for finding profiles by username.

Tool for finding PHP source code vulnerabilities.

A python implementation of the windows 95 product key check.

AmiEviL - This program uses the Virus Total API to determine if your suspicious file is malicious or not

Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules

Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses 🕵️

Implementation of an attack on a tropical algebra discrete logarithm based protocol

Volunteer & Campaign Management System

This tool was created in order to automate some basic OSINT tasks for penetration testing assingments.

A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers within industrial environments. Utilizing multithreaded processing, Automator-Terminator delivers a powerful wave of spoofed ethernet packets to a null MAC address.

PKUAutoElective for 2021 spring semester

CVE-log4j CheckMK plugin

Learning to compose soft prompts for compositional zero-shot learning.

orfipy is a tool written in python/cython to extract ORFs in an extremely and fast and flexible manner

XSS scanner in python

Automatic ProxyShell Exploit

Linus-png.github.io - Versionsverwaltung & Open Source Hausaufgabe

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

Add a Web Server based on Rogue Mysql Server to allow remote user get