gotestwaf
event-generator
gotestwaf | event-generator | |
---|---|---|
5 | 1 | |
1,410 | 79 | |
1.8% | - | |
7.1 | 9.3 | |
11 days ago | 2 days ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gotestwaf
-
Open Source Pentest Tool - GoTestWAF (Need Feedback)
Hi guys! On Blackhat Arsenal 2022 I saw this tool: https://github.com/wallarm/gotestwaf
-
How can I test my WAF
gotestwaf - https://github.com/wallarm/gotestwaf
-
An interesting tool to test WAFs, RASPs and WAAP for application and API attacks (need feedback)
Direct link to project
-
OWASP TOP 10 mapped to AWS Managed Rules
If you are searching for a solution to deploy, update, and stage your Web Application Firewalls while managing them centrally via AWS Firewall Manager take a look at the AWS Firewall Factory tool. AWS Firewall Factory is able to test your deployed firewall using GoTestWAF. GoTestWAF is a tool for API and OWASP attack simulation that supports a wide range of API protocols including REST, GraphQL, gRPC, WebSockets, SOAP, XMLRPC and many more. It was designed to evaluate web application security solutions, such as API security proxies, Web Application Firewalls, IPS, API gateways, etc.
-
Guys, see the types of attacks to bypass the WAF in 6 months (sep 2020 - feb 2021, soon to be in a year). The data was parsed from Twitter | Is there anyone who can confirm the resection results?
Source: https://github.com/waf-bypass-maker/waf-community-bypasses/blob/main/payloads.twitter.csv kudos https://waf-bypass.com that's great, that ALL these payloads are already in an open source tool GoTestWAF https://github.com/wallarm/gotestwaf
event-generator
-
Getting started developing Falco
Now that you built Falco, you may wonder if everything works as expected. A quick and dirty way of testing Falco is using the event-generator. This is yet another project from the Falcosecurity organization, and it can be used to generate some suspicious actions on the system, therefore, triggering some Falco rules. All you need to do is to start two terminals. You will launch Falco from one of them and leave it running. From the second terminal, launch the event generator using the following command:
What are some alternatives?
api-firewall - Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
libs - libsinsp, libscap, the kernel module driver, and the eBPF driver sources
waf-community-bypasses
Visual Studio Code - Visual Studio Code
coraza - OWASP Coraza WAF is a golang modsecurity compatible web application firewall library
Vagrant - Vagrant is a tool for building and distributing development environments.
Open-Source-Security-Guide - Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
community - The Falco Project Community
aws-firewall-factory - Easily improve the security of your web applications with aws firewall factory. Protect your valuable assets with seamless WAF deployment, updates, and staging, all efficiently managed centrally with Firewall Manager.
falco - Cloud Native Runtime Security
coraza-caddy - OWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities
Caddy - Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS