A packet filtering tool for A/D CTFs.
This tool is able to filter packets based on their payload by using regular expressions.
During an A/D, we often had to drop some malicious packets, but to do it properly we had to understand how the service worked and in which programming language it was written. This process is a waste of time. With this tool we can instead drop the malicious packets before they are received from the vulnerable service, making the process simple and implementation agnostic (basically it works like a WAF that process all packets).
Probably not, but we do not take any responsibility for its use.
This hyper-professional diagram represents on a conceptual level how this tool is structured:
Warning: cerbero-web must be set up before trying to connect the firewall, this means that before starting the cerbero binary you MUST complete the services setup on cerbero-web.
If you wish to contribute to the project, make sure to read the contributing guide first.