// artifact family
web application firewall (waf) forensics
10 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.
tools in this family
ordered as in the forensics catalog. every tool runs locally — no upload, no account.
- cloudflare waf firewall event forensic analyzerdrop cloudflare firewall event export · parse rule + action + ray id · runs locally
- aws waf log forensic analyzerdrop aws waf log export · parse terminating rule + action + uri · runs locally
- imperva waf audit log forensic analyzerdrop imperva waf audit export · parse policy + signature + client · runs locally
- f5 advanced waf request log forensic analyzerdrop f5 awaf request log export · parse violation + policy + ip · runs locally
- akamai kona waf log forensic analyzerdrop akamai kona waf export · parse rule + action + referer · runs locally
- waf rule tuning anomaly detectordrop waf config change export · detect aggressive allow rule changes · runs locally
- waf block bypass detectordrop waf request log export · detect block-to-allow bypass patterns · runs locally
- owasp crs trigger burst detectordrop waf signature log export · detect crs rule trigger bursts · runs locally
- multi waf attack timeline correlatordrop 2+ waf log exports · unified attack timeline graph · runs locally
- cross waf cdn traffic correlatordrop waf + cdn access exports · correlate blocked ip + cache hit · runs locally