wafrift_evolution/differential/mod.rs
1//! WAF rule differential analysis — reverse-engineer what a WAF blocks.
2//!
3//! Sends a matrix of carefully crafted probe payloads that isolate
4//! individual WAF rule triggers. By observing which probes get blocked
5//! vs. which pass through, we can infer the WAF's regex rules and
6//! generate payloads that specifically avoid those patterns.
7//!
8//! # How it works
9//!
10//! ```text
11//! 1. Send baseline (benign) request → expect PASS
12//! 2. Send known-malicious probe → expect BLOCK
13//! 3. Send focused probe batches → observe which BLOCK
14//! 4. Infer which components trigger the WAF
15//! 5. Generate payloads that avoid those specific triggers
16//! ```
17
18pub mod analysis;
19pub mod binary_search;
20pub mod probe;
21mod report;
22
23pub use analysis::*;
24pub use binary_search::*;
25pub use probe::*;