Collect, organize, and act on massive volumes of high-resolution data to power real-time intelligent systems. Learn more →
Top 8 Python Waf Projects
-
Project mention: Show HN: BunkerWeb – The Open-Source Web Application Firewall (WAF) | news.ycombinator.com | 2024-12-06
-
Judoscale
Save 47% on cloud hosting with autoscaling that just works. Judoscale integrates with Django, FastAPI, Celery, and RQ to make autoscaling easy and reliable. Save big, and say goodbye to request timeouts and backed-up task queues.
-
Link: Awesome-WAF on GitHub
-
wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
The most notable vendor doing such vulnerability and penetration testing for VoIP and WebRTC is likely Enable Security - be sure to subscribe to their newsletter for more security advice around communication technologies.
-
Project mention: Install Modsecurity + OWASP CRS for Nginx Webserver on Centos 7 | dev.to | 2024-05-27
sudo git clone https://github.com/coreruleset/coreruleset.git /etc/nginx/owasp-crs
-
-
-
dracan
Dracan is a lightweight middleware for Kubernetes that enhances filtering and validation capabilities. It ensures that only valid requests reach your applications, featuring HTTP method filtering, JSON validation, Header validation and request limiting. Looking for first potential users to get feedback as well as active maintainers
Project mention: Show HN: Dracan – Open-source, 1:1 proxy with simple filtering/validation config | news.ycombinator.com | 2024-11-09 -
CodeRabbit
CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
-
BountyDrive
BountyDrive is a comprehensive tool designed for penetration testers and cybersecurity researchers. It integrates various modules for performing attacks (google dorking, sqli, xss), reporting, and managing VPN/proxy settings, making it an indispensable asset for any security professional.
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Python Waf discussion
Python Waf related posts
-
6 Essential WebRTC Security Best Practices for 2025
-
5 Best Free and Open Source WAF for 2025
-
Top Open-Source WAF Projects: Secure Your Website with the Best Tools
-
When URL parsers disagree (CVE-2023-38633, librsvg)
-
WAF Bypass Tool - check your WAF before an attacker does
-
WAF bypass is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does.
-
WAF bypass is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does.
-
A note from our sponsor - InfluxDB
influxdata.com | 19 Apr 2025
Index
What are some of the best open-source Waf projects in Python? This list will help you:
| # | Project | Stars |
|---|---|---|
| 1 | BunkerWeb | 7,807 |
| 2 | Awesome-WAF | 6,597 |
| 3 | wafw00f | 5,593 |
| 4 | coreruleset | 2,533 |
| 5 | roxy-wi | 1,618 |
| 6 | waf-bypass | 1,363 |
| 7 | dracan | 61 |
| 8 | BountyDrive | 17 |
Sponsored
Save 47% on cloud hosting with autoscaling that just works
Judoscale integrates with Django, FastAPI, Celery, and RQ to make autoscaling easy and reliable. Save big, and say goodbye to request timeouts and backed-up task queues.
judoscale.com