Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.dhal.rokad.co/llms.txt

Use this file to discover all available pages before exploring further.

Security rules

Dhal includes deterministic WAF-style rules.

Rule packs

{
  "rules": {
    "packs": ["generic-web", "api"]
  }
}
Available packs:
PackPurpose
generic-webbroad web attack surface
apiAPI-oriented request checks
authlogin and credential-abuse surfaces
wordpresscommon WordPress probe detection
strict-apistricter JSON API posture

Signatures

Built-in signatures include:
  • SQL injection;
  • XSS;
  • path traversal;
  • SSRF;
  • RCE;
  • SSTI;
  • GraphQL introspection probes;
  • WordPress probes;
  • bad user agents.

Rule catalog

List rules: 
npx dhal rules
npx dhal rules --json
Public API: 
import {
  getDhalRuleCatalog,
  findDhalRule,
  DHAL_RULE_CATALOG
} from "@rokadhq/dhal";

Severity

Configure severity by category and rule ID: 
{
  "policy": {
    "severity": {
      "default": "low",
      "categories": {
        "signature": "high",
        "honeypot": "critical"
      },
      "rules": {
        "signature.path_traversal": "critical"
      }
    }
  }
}