Awesome Open Source
Awesome Open Source
Combined Topics
waf
x
Advertising
📦 10
All Projects
Application Programming Interfaces
📦 124
Applications
📦 192
Artificial Intelligence
📦 78
Blockchain
📦 73
Build Tools
📦 113
Cloud Computing
📦 80
Code Quality
📦 28
Collaboration
📦 32
Command Line Interface
📦 49
Community
📦 83
Companies
📦 60
Compilers
📦 63
Computer Science
📦 80
Configuration Management
📦 42
Content Management
📦 175
Control Flow
📦 213
Data Formats
📦 78
Data Processing
📦 276
Data Storage
📦 135
Economics
📦 64
Frameworks
📦 215
Games
📦 129
Graphics
📦 110
Hardware
📦 152
Integrated Development Environments
📦 49
Learning Resources
📦 166
Legal
📦 29
Libraries
📦 129
Lists Of Projects
📦 22
Machine Learning
📦 347
Mapping
📦 64
Marketing
📦 15
Mathematics
📦 55
Media
📦 239
Messaging
📦 98
Networking
📦 315
Operating Systems
📦 89
Operations
📦 121
Package Managers
📦 55
Programming Languages
📦 245
Runtime Environments
📦 100
Science
📦 42
Security
📦 396
Social Media
📦 27
Software Architecture
📦 72
Software Development
📦 72
Software Performance
📦 58
Software Quality
📦 133
Text Editors
📦 49
Text Processing
📦 136
User Interface
📦 330
User Interface Components
📦 514
Version Control
📦 30
Virtualization
📦 71
Web Browsers
📦 42
Web Servers
📦 26
Web User Interface
📦 210
The Top 53 Waf Open Source Projects
Categories
>
Security
>
Waf
Modsecurity
⭐
4,293
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
Naxsi
⭐
3,744
NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
Awesome Waf
⭐
3,514
🔥 Everything you'll need to know about web-application firewalls (WAF).
Htrace.sh
⭐
3,362
My simple Swiss Army knife for http/https troubleshooting and profiling.
Padrino Framework
⭐
3,292
Padrino is a full-stack ruby framework built upon Sinatra.
Wafw00f
⭐
2,518
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Openrasp
⭐
1,768
🔥Open source RASP solution
Whatwaf
⭐
1,710
Detect and bypass web application firewalls and protection systems
Collection Document
⭐
1,413
Collection of quality safety articles. Awesome articles.
Vxscan
⭐
1,263
python3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Burpsuite Collections
⭐
1,081
BurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Burpsuite Collections
⭐
1,079
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
Lua Resty Waf
⭐
1,068
High-performance WAF built on the OpenResty stack
Haproxy Wi
⭐
842
Web interface for managing Haproxy, Nginx and Keepalived servers
Modsecurity Nginx
⭐
824
ModSecurity v3 Nginx Connector
Janusec
⭐
783
Janusec Application Gateway, Provides Fast and Secure Application Delivery (Authentication, WAF/CC, HTTPS and ACME automatic certificates). JANUSEC应用网关,提供快速、安全的应用交付(身份认证, WAF/CC, HTTPS以及ACME自动证书)。
Code Audit Challenges
⭐
781
Code-Audit-Challenges
Jxwaf
⭐
776
JXWAF(锦衣盾)是一款开源web应用防火墙
Build
⭐
661
TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777
Blazy
⭐
641
Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
Openwaf
⭐
574
Web security protection system based on openresty
Waf
⭐
568
🚦Web Application Firewall or API Gateway(应用防火墙/API网关)
Laravel Firewall
⭐
547
Web Application Firewall (WAF) package for Laravel
Waf
⭐
544
Win Application Framework (WAF) is a lightweight Framework that helps you to create well structured XAML Applications.
Burpsuitehttpsmuggler
⭐
532
A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Aws
⭐
511
A collection of bash shell scripts for automating various tasks with Amazon Web Services using the AWS CLI and jq.
Awesome Nginx Security
⭐
426
🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
Cerberus
⭐
402
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Xash3d Fwgs
⭐
354
Xash3D FWGS engine. Rebooted fork since big Xash3D 0.99(1.0 is not yet) update.
Juggler
⭐
327
A system that may trick hackers. 一个也许能骗到黑客的系统。
Identywaf
⭐
296
Blind WAF identification tool
Cloudbunny
⭐
274
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Fomalhaut
⭐
272
🚀 A Simple API Gateway for Building Security and Flexible Microservices.
Raptor_waf
⭐
246
Raptor - WAF - Web application firewall using DFA [ Current version ] - Beta
Secbox
⭐
243
🖤 网络安全与渗透测试工具导航
Autosqli
⭐
224
An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.
Sks
⭐
204
Security Knowledge Structure(安全知识汇总)
Docker Waf
⭐
186
An NGINX and ModSecurity based Web Application Firewall for Docker
Wafpass
⭐
184
Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.
Awd Watchbird
⭐
181
A powerful PHP WAF for AWD
Curiefense
⭐
151
Curiefense is a unified, open source platform protecting cloud native applications.
Go Agent
⭐
134
Sqreen's Application Security Management for the Go language
Tesla
⭐
109
Tesla is a gateway service that provides dynamic routing,waf,support spring cloud,gRPC,DUBBO and more.
Dotnetpad
⭐
101
The Waf DotNetPad is a simple and fast code editor that makes fun to program with C# or Visual Basic.
Awesome Cloud Security
⭐
99
Curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
Cidram
⭐
86
CIDRAM: Classless Inter-Domain Routing Access Manager.
Hooman
⭐
83
http interceptor to hoomanize cloudflare requests
Pwn Sandbox
⭐
81
A sandbox to protect your pwn challenges being pwned in CTF AWD.
Terraform Aws Waf Owasp Top 10 Rules
⭐
65
A Terraform module to create AWF WAF Rules for OWASP Top 10 security risks protection.
Ironclad
⭐
60
Web Application Firewall (WAF) on Kubernetes
Xwaf
⭐
48
xWAF 3.0 - Free Web Application Firewall, Open-Source.
Botwall4j
⭐
41
A botwall for Java web applications
Wafid
⭐
39
Wafid identify and fingerprint Web Application Firewall (WAF) products.
1-53 of 53 projects
Advertising
📦 10
All Projects
Application Programming Interfaces
📦 124
Applications
📦 192
Artificial Intelligence
📦 78
Blockchain
📦 73
Build Tools
📦 113
Cloud Computing
📦 80
Code Quality
📦 28
Collaboration
📦 32
Command Line Interface
📦 49
Community
📦 83
Companies
📦 60
Compilers
📦 63
Computer Science
📦 80
Configuration Management
📦 42
Content Management
📦 175
Control Flow
📦 213
Data Formats
📦 78
Data Processing
📦 276
Data Storage
📦 135
Economics
📦 64
Frameworks
📦 215
Games
📦 129
Graphics
📦 110
Hardware
📦 152
Integrated Development Environments
📦 49
Learning Resources
📦 166
Legal
📦 29
Libraries
📦 129
Lists Of Projects
📦 22
Machine Learning
📦 347
Mapping
📦 64
Marketing
📦 15
Mathematics
📦 55
Media
📦 239
Messaging
📦 98
Networking
📦 315
Operating Systems
📦 89
Operations
📦 121
Package Managers
📦 55
Programming Languages
📦 245
Runtime Environments
📦 100
Science
📦 42
Security
📦 396
Social Media
📦 27
Software Architecture
📦 72
Software Development
📦 72
Software Performance
📦 58
Software Quality
📦 133
Text Editors
📦 49
Text Processing
📦 136
User Interface
📦 330
User Interface Components
📦 514
Version Control
📦 30
Virtualization
📦 71
Web Browsers
📦 42
Web Servers
📦 26
Web User Interface
📦 210