gotestwaf
coraza
gotestwaf | coraza | |
---|---|---|
5 | 7 | |
1,410 | 1,826 | |
1.8% | 3.8% | |
7.1 | 8.7 | |
11 days ago | about 23 hours ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gotestwaf
-
Open Source Pentest Tool - GoTestWAF (Need Feedback)
Hi guys! On Blackhat Arsenal 2022 I saw this tool: https://github.com/wallarm/gotestwaf
-
How can I test my WAF
gotestwaf - https://github.com/wallarm/gotestwaf
-
An interesting tool to test WAFs, RASPs and WAAP for application and API attacks (need feedback)
Direct link to project
-
OWASP TOP 10 mapped to AWS Managed Rules
If you are searching for a solution to deploy, update, and stage your Web Application Firewalls while managing them centrally via AWS Firewall Manager take a look at the AWS Firewall Factory tool. AWS Firewall Factory is able to test your deployed firewall using GoTestWAF. GoTestWAF is a tool for API and OWASP attack simulation that supports a wide range of API protocols including REST, GraphQL, gRPC, WebSockets, SOAP, XMLRPC and many more. It was designed to evaluate web application security solutions, such as API security proxies, Web Application Firewalls, IPS, API gateways, etc.
-
Guys, see the types of attacks to bypass the WAF in 6 months (sep 2020 - feb 2021, soon to be in a year). The data was parsed from Twitter | Is there anyone who can confirm the resection results?
Source: https://github.com/waf-bypass-maker/waf-community-bypasses/blob/main/payloads.twitter.csv kudos https://waf-bypass.com that's great, that ALL these payloads are already in an open source tool GoTestWAF https://github.com/wallarm/gotestwaf
coraza
- Coraza: Coraza WAF is a Golang modsecurity compatible web application firewall
-
WAF with reverse proxy
Is there a reason no one hasn't made a Docker template for OWASP Coraza (https://github.com/corazawaf/coraza) or ModSecurity (https://github.com/SpiderLabs/ModSecurity) for the use of a reverse proxy?
- Traefik WAF Plugin with OWASP/Modsecurity
-
Go: Yaml DB
Interesting work, I was going to implement https://github.com/antchfx/jsonquery for github.com/jptosso/coraza-waf but your idea seems quite useful. I would remove logrus, as logs should be created by the implementation, not the library (or at least that's what a think)
-
Protect your web applications with Coraza library
Coraza WAF is a golang web application firewall library that has reached a stable point (v1 is releasing tomorow). https://github.com/jptosso/coraza-waf
-
Golang Web Application Firewall
You have a point there, maybe releasing a v1.0 is not that crazy at all, it's much easier to type import "github.com/jptosso/coraza-waf/v1" indeed
What are some alternatives?
api-firewall - Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
traefik-modsecurity-plugin - Traefik plugin to proxy requests to owasp/modsecurity-crs:apache container
waf-community-bypasses
ModSecurity - ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
Open-Source-Security-Guide - Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
ModSecurity-nginx - ModSecurity v3 Nginx Connector
event-generator - Generate a variety of suspect actions that are detected by Falco rulesets
coraza-caddy - OWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities
aws-firewall-factory - Easily improve the security of your web applications with aws firewall factory. Protect your valuable assets with seamless WAF deployment, updates, and staging, all efficiently managed centrally with Firewall Manager.
lua-resty-waf - High-performance WAF built on the OpenResty stack
coraza-gin - Coraza WAF Gin-gonic middleware