Transform OWASP CRS rules into a modern, abstract representation 🚀
The code in this repository aims to generate a new representation for the OWASP CRS rules, making them more accessible and maintainable.
The goal is to abstract OWASP CRS from the specifics of the Seclang language in which it is currently written. This abstraction provides:
- 🔄 Better maintainability - Easier to understand and modify rules
- 🎯 Language independence - Not tied to Seclang syntax
- 🚀 Enhanced tooling - Better support for analysis and transformation
- 📊 Improved readability - Cleaner representation of security rules
- 🔧 Extended ANTLR Listener - Extends the listener generated by the ANTLR Seclang parser
- 📝 Complete Rule Loading - Loads Seclang rule information stored in the CRS files, including comments
- 🎨 New Representation - Defines a new representation for the rules and translates them into it
- 🔄 Bidirectional Conversion - Convert between Seclang and CRSLang formats
Initialize the repo:
git clone https://github.com/coreruleset/crslang.git
cd crslangGenerate the ANTLR parser code and build the project:
go buildLoad and translate the Seclang OWASP CRS files to the new representation:
./crslang -o crs seclang_parser/testdata/crsLoad and translate the CRSLang back to Seclang:
./crslang -s crs.yamlRun the tests to ensure everything works correctly:
go test -vFor more detailed information about the project structure and API, check out the source code and test files.
We welcome contributions! Please feel free to submit issues and pull requests.
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.