web-application-firewall

There are 17 repositories under web-application-firewall topic.

• 0xInfection / Awesome-WAF

  🔥 Web-application firewalls (WAFs) from security standpoint.

  wafweb-application-firewallfirewallawesome-listawesomewaf-bypasswaf-detectionwaf-testwaf-testingwaf-fingerprintsbypass-wafinfosecsecurity
  Language:Python 4944

• EnableSecurity / wafw00f

  WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

  fingerprintwafwaffitweb-application-firewall
  Language:Python 3915

• Ekultek / WhatWaf

  Detect and bypass web application firewalls and protection systems

  bypassfirewallweb-applicationdetectionwaffingerprintingweb-application-firewall-bypassingweb-application-firewall
  Language:Python 2148

• ADD-SP / ngx_waf

  Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块

  nginxnginx-modulesweb-application-firewallwafmodsecuritymodsecurity-nginxopenrestycaptchahcaptcharecaptcha
  Language:C 1166

• wallarm / gotestwaf

  An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

  owaspapi-securitysecuritybugbountysecurity-toolswafweb-application-securityweb-application-firewallsecurity-testinggraphql-securitygrpc-securityrest-security
  Language:Go 1068

• Janusec / Application-Gateway

  Janusec Application Gateway, an application security solution which provides ACME HTTPS, K8S Ingress Controller, WAF (Web Application Firewall), CC defense, OAuth2 Authentication and load balancing. Janusec应用网关，提供ACME自动化证书与HTTPS接入、K8S Ingress控制器、WAF (Web Application Firewall)、CC防御、OAuth2身份认证、负载均衡等功能。

  wafweb-application-firewallapplication-gatewayload-balancegatewayapplication-securitygolanggosecurityweb-application-securitysql-injectionjanusec-application-gatewayweb-sshjanusecport-forwardingacmebrotlik8s-ingress-controller
  Language:Go 988
• coraza

  corazawaf / coraza

  OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

  corazawafcoraza-wafowasp-crsmodsecuritycorerulesetowaspgolanggohttpweb-application-firewallhacktoberfest
  Language:Go 870

• titansec / OpenWAF

  Web security protection system based on openresty

  wafopenrestynginxluawebnginx-luaopenwafweb-application-firewallcchttp-flood
  Language:C 703

• tempesta-tech / tempesta

  All-in-one solution for high performance web content delivery and advanced protection against DDoS and web attacks

  ddos-mitigationweb-application-firewalllinux-kernelhigh-performancehttp-acceleratorload-balancerdatabasetlshttp2security
  Language:C 559
• api-firewall

  wallarm / api-firewall

  Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.

  proxyfirewallwafapi-gatewayapigatewayapi-wrappersecurity-toolssecurityapi-securityapiapi-firewallopenapi-specificationopenapiswaggeropenapi-securityrest-securityapi-wafweb-application-securityweb-application-firewallopenapi-spec
  Language:Go 440

• leohearts / awd-watchbird

  A powerful PHP WAF for AWD

  phpawdawd-frameworkweb-application-firewallctfwaf
  Language:PHP 389

• wafpassproject / wafpass

  Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

  wafbypass-methodsweb-application-firewallanalysing-parameterspayload
  Language:Python 196

• Safe3 / uuWAF

  一款社区驱动的免费、高性能、高扩展顶级Web应用安全防护产品

  wafapplication-securityweb-application-firewallmodsecurityweb-security-gateway
  Language:Lua 158

• nmmapper / dnsdumpster

  A tool to perform DNS reconnaissance on target networks. Among the DNS information got from include subdomains, mx records, web application firewall detection and more fingerprinting and lookups

  subdomainsubdomain-finderdnsdumpsternmmapperscannersscannernetworkreconnaissancedns-fingerprintingweb-application-firewalldns-reconnaissancedetection
  Language:Python 147

• AvalZ / WAF-A-MoLE

  A guided mutation-based fuzzer for ML-based Web Application Firewalls

  webweb-securityweb-application-firewallmachine-learningadversarial-machine-learning
  Language:Python 131

• Alemalakra / xWAF

  xWAF 3.0 - Free Web Application Firewall, Open-Source.

  wafxssvulns-fixedweb-application-firewallsqliblockvulnsprotectwebsitewebapplicationfirewallphp
  Language:PHP 60

• Janusec / janusec-admin

  The Unified Web Administration Portal for Janusec Application Gateway (an application security solution which provides Web Application Firewall, unified web administration portal, private key protection, web routing and scalable load balancing).

  application-gatewayweb-application-firewallwafweb-application-securitygateway-waf
  Language:TypeScript 27
• ML-based-WAF

  vladan-stojnic / ML-based-WAF

  Simple machine learning based web application firewall (WAF) created in python

  sqlixsspath-traversalsql-injectioncross-site-scriptingcmdicommand-injectionparameter-tamperinghttpmlmachine-learningsvmtf-idfdecision-treeswafweb-application-firewallpythonsklearnscapydash
  Language:Jupyter Notebook 26

• nemesida-waf / nemesida_waf_free

  Nemesida WAF Community Edition

  community-editionfree-waf-for-nginxnemesida-wafnemesida-waf-cengin-free-wafnginxnwaf-dynwafweb-application-firewall
  22

• NumanABi / webcop-firewall

  WebCOP Firewall is advanced and PHP based web application firewall. Doesnt ask for root privileges.

  web-application-firewallphpsecuritywaf
  Language:PHP 21

• wallarm / docker-wallarm-node

  ⚡️ Docker official image for Wallarm Node. API security platform agent.

  nginxwafsecurity-toolssecurityweb-application-firewallapi-securityrest-securityopenapi-securityenvoyproxysecurity-automationapi-firewallapplication-firewallsecurity-scannersecurity-audit
  Language:Shell 21

• corazawaf / coraza-spoa

  A wrapper around the OWASP Coraza WAF for HAProxy's SPOE filters

  wafcorazahaproxy-spoaweb-application-firewallhaproxy
  Language:Go 19

• orangemiaw / SimpleWAF

  :octocat: SimpleWAF is a simple web application firewall writen using PHP that can send real time attacking report by some actor using Telegram Bot API.

  firewallphp-firewallphp-libraryphp-securitysecurity-toolsweb-applicationweb-application-firewall
  Language:PHP 18

• reinforchu / NachtWal

  Reinforced Mitigation Security Filter

  csharpiiswindows-serverasp-netweb-application-firewallxsssecurity
  Language:C# 17

• riverside / php-waf

  :guardsman: PHP Web Application Firewall

  firewallweb-application-firewallphpphp-firewallwafwebapp-firewall
  Language:PHP 15

• f5devcentral / f5-agility-labs-waf

  F5 Agility Labs for Web Application Firewall Use Cases

  documentationtraining-labsf5-agility-labsf5-asmweb-application-firewallweb-application-securityapplication-securityddos-mitigationhttp-proxysecurity
  Language:Shell 14

• sudeshnapal12 / Web-Application-Firewall

  Designed and Implemented a Web Application Firewall as an Apache module that "sits" in-front of a web server. The WAF is designed to stop malicious requests from known attacks such as SQL Injection, XSS attacks and from unknown attacks by learning the legitimate traffic.

  apacheweb-application-firewall
  Language:C 12

• paulveillard / cybersecurity-ethical-hacking

  An ongoing collection of awesome ethical hacking tools, software, libraries, learning tutorials, frameworks, academic and practical resources

  hackathonhackinghackingtoolshackerrank-solutionshacking-toolpentestvulnerability-detectionvulnerabilitiessecurity-toolssecurity-auditcybersecuritycybersecurity-incidentswebapplicationweb-application-securityweb-application-security-scannerweb-application-firewall
  Language:Jupyter Notebook 11

• turnerlabs / sigsci_site_manager

  Signal Sciences Site Manager

  signal-sciencessignal-sciences-apiweb-application-firewallwafdevsecopssignalsciencessigsci
  Language:Python 11
• swaf-docker

  swaf-project / swaf-docker

  A simple Web Application Firewall docker image.

  web-application-securityweb-application-firewallwafdockerdocker-imagenginxmodsecuritynaxsiowaspcrsowasp-crs-core-rule-setcore-rule-setswafnginx-proxyprotectiondockerfilefirewall
  Language:Shell 8

• jackaduma / AI-WAF

  AI driven Web Application Firewall

  aicyber-securitycybersecuritydeep-learningmachine-learningneural-networknlptext-classificationtextcnnwafweb-application-firewallwebapplicationfirewallclassification-algorithmnatural-language-processingnlp-deep-learningnlp-machine-learning
  Language:Python 7

• 3nn10 / CloudDog

  CloudDog is a centralized EDR and WAF, it is able to identify and prevent web application attacks, ssh bruteforce and Suspicious shell commands.

  cloud-watch-agentcloudwatchipsintrusion-prevention-systemcentralized-hipsawssiemevent-correlation-detectionwafweb-application-firewallanomaly-detectionsecurityprotectionedrantivirussigmamitre-attack
  Language:Python 6

• daxio / nginx-naxsi

  Official NGINX compiled with NBS System NAXSI

  nginxnaxsiwafweb-application-firewallanti-xssanti-sql-injectionxsssql-injection
  Language:Dockerfile 6

• riotkit-org / wordpress-hardened

  Secure and performant Wordpress installation on your Kubernetes cluster

  wordpresswordpress-automationwordpress-updaterdockerdocker-composesupervisordhardenedkubernetesnginxnonroot-useropenshiftrootless-containerswafweb-application-firewallwordpress-securitywordpress-kubernetesmultirunp2clik8s
  Language:Shell 6

• timokoessler / easy-waf

  An easy-to-use Web Application Firewall (WAF) for Node.js. Can be used with Express, Fastify, NextJS, NuxtJS ... or plain Node.js http.

  expressnodejssecuritywafweb-application-firewallweb-application-securityjavascriptmit-licensefastify
  Language:JavaScript 6

• carlosdg / NginxReverseProxyWithModsecurity

  NGINX reverse proxy using ModSecurity WAF to protect a web application

  nginxwafweb-application-firewallmodsecuritymodsecurity-nginxmodsecurity-core-rule-setreverse-proxynodegoatdockerdocker-composeowaspowasp-top-10
  Language:Dockerfile 5