web-application-firewall

There are 31 repositories under web-application-firewall topic.

• SafeLine

  chaitin / SafeLine

  A web security gateway, serve as a reverse proxy to protect your websites from attacks and exploits.

  firewallhttp-floodsecuritysql-injectionwafweb-application-firewallweb-securityxsscaptchaapi-gatewayappseccvecybersecurityhackersvulnerabilitywebsecurityapplication-securitybruteforceblueteamself-hosted
  Language:Go 11183

• 0xInfection / Awesome-WAF

  🔥 Web-application firewalls (WAFs) from security standpoint.

  wafweb-application-firewallfirewallawesome-listawesomewaf-bypasswaf-detectionwaf-testwaf-testingwaf-fingerprintsbypass-wafinfosecsecurity
  Language:Python 6084
• bunkerweb

  bunkerity / bunkerweb

  🛡️ Open-source and next-generation Web Application Firewall (WAF)

  antibotbunkerized-nginxcybersecuritydevopsdevsecopsdnsbldockerhardeninghostingkubernetesletsencryptmodsecuritynginxreverse-proxysecuritysecurity-tuningswarmwafweb-application-firewallweb-security
  Language:Python 5068

• EnableSecurity / wafw00f

  WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

  fingerprintwafwaffitweb-application-firewall
  Language:Python 5052

• Ekultek / WhatWaf

  Detect and bypass web application firewalls and protection systems

  bypassfirewallweb-applicationdetectionwaffingerprintingweb-application-firewall-bypassingweb-application-firewall
  Language:Python 2572
• coraza

  corazawaf / coraza

  OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

  corazacoraza-wafcorerulesetgogolanghacktoberfesthttpmodsecurityowaspowasp-crswafweb-application-firewall
  Language:Go 2016

• wallarm / gotestwaf

  An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

  api-securitybugbountygraphql-securitygrpc-securityowasprest-securitysecuritysecurity-testingsecurity-toolswafweb-application-firewallweb-application-security
  Language:Go 1479

• ADD-SP / ngx_waf

  Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块

  nginxnginx-modulesweb-application-firewallwafmodsecuritymodsecurity-nginxopenrestycaptchahcaptcharecaptcha
  Language:C 1464

• Janusec / janusec

  JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关，提供安全的接入，包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

  acmeapplication-gatewayapplication-securitycookie-bannercookie-compliancegatewaygolanggslbjanusecjanusec-application-gatewayk8s-ingress-controllerload-balanceport-forwardingsecuritysql-injectionwafweb-application-firewallweb-application-securityweb-ssh
  Language:Go 1128

• openappsec / openappsec

  open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

  api-securityapplication-securitykubernetesnginxweb-application-firewallappsecdevsecopskongrate-limitingsecurity-toolsthreat-preventionwafowaspowasp-top-tennginx-proxy-manager
  Language:C++ 754

• titansec / OpenWAF

  Web security protection system based on openresty

  wafopenrestynginxluawebnginx-luaopenwafweb-application-firewallcchttp-flood
  Language:C 746

• leohearts / awd-watchbird

  A powerful PHP WAF for AWD

  awdawd-frameworkctfphpwafweb-application-firewall
  Language:PHP 613

• tempesta-tech / tempesta

  All-in-one solution for high performance web content delivery and advanced protection against DDoS and web attacks

  web-application-firewalllinux-kernelhigh-performancehttp-acceleratorload-balancerdatabasetlshttp2securitybotsddos-protectionweb-performanceweb-security
  Language:C 608
• uuWAF

  Safe3 / uuWAF

  A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展，支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

  wafapplication-securityweb-application-firewallmodsecurityweb-security-gatewayapi-gatewayapi-securitywaapsecurityuuwafddoshttp-floodowasp
  Language:C 603
• api-firewall

  wallarm / api-firewall

  Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.

  apiapi-firewallapi-gatewayapi-securityapi-wafapi-wrapperapigatewayfirewallopenapiopenapi-securityopenapi-specopenapi-specificationproxyrest-securitysecuritysecurity-toolsswaggerwafweb-application-firewallweb-application-security
  Language:Go 558

• chaitin / blazehttp

  BlazeHTTP 是一款简单易用的 WAF 防护效果测试工具。BlazeHTTP stands as a user-friendly WAF protection efficacy evaluation tool.

  benchmarkbypasshttp-parserwafwaf-testweb-application-firewall
  Language:Go 507

• casbin / caswaf

  HTTP & OAuth Gateway and Web Application Firewall (WAF) based on ModSecurity, online demo: https://door.caswaf.com

  firewallgatewayhttpoauthproxywafweb-application-firewallmodsecuritymodsecurity-core-rule-set
  Language:Go 305

• nmmapper / dnsdumpster

  A tool to perform DNS reconnaissance on target networks. Among the DNS information got from include subdomains, mx records, web application firewall detection and more fingerprinting and lookups

  detectiondns-fingerprintingdns-reconnaissancednsdumpsternetworknmmapperreconnaissancescannerscannerssubdomainsubdomain-finderweb-application-firewall
  Language:Python 259

• wafpassproject / wafpass

  Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

  analysing-parametersbypass-methodspayloadwafweb-application-firewall
  Language:Python 206

• AvalZ / WAF-A-MoLE

  A guided mutation-based fuzzer for ML-based Web Application Firewalls

  webweb-securityweb-application-firewallmachine-learningadversarial-machine-learning
  Language:Python 161
• blacklists

  fabriziosalmi / blacklists

  Hourly updated domains blacklist 🚫

  blacklistingblacklistsdns-blacklistdns-blockingdns-blocklistsdomain-blocklistadguard-blocklistdns-filteringpihole-blocklistsweb-application-firewallblacklistblacklist-domainsdomain-blockerblocklistblocklist-aggregatorblocklistsadguardblacklist-managementpi-holedomains-list
  Language:Shell 113

• corazawaf / coraza-spoa

  EXPERIMENTAL: A wrapper around the OWASP Coraza WAF for HAProxy's SPOE filters

  corazahaproxyhaproxy-spoawafweb-application-firewall
  Language:Go 74

• Alemalakra / xWAF

  xWAF 3.0 - Free Web Application Firewall, Open-Source.

  wafxssvulns-fixedweb-application-firewallsqliblockvulnsprotectwebsitewebapplicationfirewallphp
  Language:PHP 69

• aaPanel / BT-WAF

  堡塔云WAF，宝塔免费(free)的私有云网站应用防火墙(firewall)，基于docker/nginx/lua开发

  aclcaptchacc-attackddosddos-attacksddos-defenseddos-protectiondockerfirewallhttp-floodmodsecuritynginxsecuritysecurity-toolssqli-injectionwafweb-application-firewallweb-securityxss
  50
• ML-based-WAF

  vladan-stojnic / ML-based-WAF

  Simple machine learning based web application firewall (WAF) created in python

  sqlixsspath-traversalsql-injectioncross-site-scriptingcmdicommand-injectionparameter-tamperinghttpmlmachine-learningsvmtf-idfdecision-treeswafweb-application-firewallpythonsklearnscapydash
  Language:Jupyter Notebook 44

• teler-sh / teler-proxy

  🔐 teler Proxy enabling seamless integration with teler WAF 🛡️ to protect locally running web service against a web-based attacks. 🥷

  firewallintrusion-detectionintrusion-preventionproxy-serverreverse-proxysecure-by-defaulttelerteler-waftunnel-serverwafweb-application-firewallweb-application-securityteler-proxy
  Language:Go 40

• Janusec / janusec-admin

  The Unified Web Administration Portal for Janusec Application Gateway (an application security solution which provides Web Application Firewall, unified web administration portal, private key protection, web routing and scalable load balancing).

  application-gatewayweb-application-firewallwafweb-application-securitygateway-waf
  Language:TypeScript 31

• nemesida-waf / nemesida_waf_free

  Nemesida WAF Community Edition

  community-editionfree-waf-for-nginxnemesida-wafnemesida-waf-cengin-free-wafnginxnwaf-dynwafweb-application-firewall
  29

• timokoessler / easy-waf

  An easy-to-use Web Application Firewall (WAF) for Node.js. Can be used with Express, Fastify, NextJS, NuxtJS ... or plain Node.js http.

  nodejssecuritywafweb-application-firewallweb-application-securityjavascriptmit-licensetypescript
  Language:TypeScript 29

• wallarm / docker-wallarm-node

  ⚡️ Docker official image for Wallarm Node. API security platform agent.

  nginxwafsecurity-toolssecurityweb-application-firewallapi-securityrest-securityopenapi-securityenvoyproxysecurity-automationapi-firewallapplication-firewallsecurity-scannersecurity-audit
  Language:Shell 29

• riverside / php-waf

  :guardsman: PHP Web Application Firewall

  firewallphpphp-firewallwafweb-application-firewallwebapp-firewall
  Language:PHP 27

• paulveillard / cybersecurity-ethical-hacking

  An ongoing collection of awesome ethical hacking tools, software, libraries, learning tutorials, frameworks, academic and practical resources

  hackathonhackinghackingtoolshackerrank-solutionshacking-toolpentestvulnerability-detectionvulnerabilitiessecurity-toolssecurity-auditcybersecuritycybersecurity-incidentswebapplicationweb-application-securityweb-application-security-scannerweb-application-firewall
  Language:Python 25

• numanozdemircom / webcop-firewall

  WebCOP Firewall is advanced and PHP based web application firewall. Doesnt ask for root privileges.

  web-application-firewallphpsecuritywaf
  Language:PHP 24

• bunkerity / bunkerweb-plugins

  Official plugins for BunkerWeb.

  clamavbunkerwebcrowdsecdiscordsecurityslackvirustotalwafweb-application-firewallcoraza
  Language:HTML 23

• f5devcentral / f5-agility-labs-waf

  F5 Agility Labs for Web Application Firewall Use Cases

  documentationtraining-labsf5-agility-labsf5-asmweb-application-firewallweb-application-securityapplication-securityddos-mitigationhttp-proxysecurity
  Language:Shell 19

• jackaduma / AI-WAF

  AI driven Web Application Firewall

  aicyber-securitycybersecuritydeep-learningmachine-learningneural-networknlptext-classificationtextcnnwafweb-application-firewallwebapplicationfirewallclassification-algorithmnatural-language-processingnlp-deep-learningnlp-machine-learning
  Language:Python 17