Question 1

How do I test my firewall IPS rules online?

Accepted Answer

ITSecTools sends live attack payloads (SQLi, XSS, Path Traversal) through your network. If your NGFW blocks them (HTTP 403/503 or connection reset), your IPS rules are working. SSL Decryption must be enabled for HTTPS inspection.

Question 2

What evasion techniques does ITSecTools test against?

Accepted Answer

ITSecTools tests Log4j JNDI header injection, Hex/URL-encoded SQL injection (anti-normalization), and Shellshock Bash function injection in HTTP headers — techniques attackers use to bypass signature-based detection.

Question 3

Can ITSecTools detect Command and Control (C2) beacon traffic?

Accepted Answer

Yes. The C2 simulation module tests OOB data exfiltration, web shell command beacons, and Python reverse shell stagers to verify your firewall detects and blocks unauthorized outbound traffic.

Question 4

Do I need SSL decryption enabled for NGFW testing?

Accepted Answer

Yes. Since tests run over HTTPS (port 443), your firewall must have SSL/TLS decryption (DPI-SSL) enabled for the domain to inspect the encrypted payloads. Without decryption, the firewall cannot see the attack signatures.

Question 5

What is the Network IP Flooder and how does it work?

Accepted Answer

The Network IP Flooder fires 30 continuous IPS attack patterns (SQL injection, path traversal, encoded traversal, system file disclosure) in rapid succession. Each request hits a unique URL path to avoid browser connection reuse. It tests your firewall throughput and signature detection under sustained attack load.

NGFW Validation

Intrusion Prevention (IPS) Signature

Advanced Evasion Technique (AET)

Command & Control (C2C) Beacon

Network IP Flooder

Free NGFW & IPS Testing Tool

Test Categories

Why This NGFW Testing Tool?