The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 Waf Open-Source Projects
-
ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
-
source-engine
Modified source engine (2017) developed by valve and leaked in 2020. Not for commercial purporses
-
WPF Application Framework (WAF)
Win Application Framework (WAF) is a lightweight Framework that helps you to create well structured XAML Applications.
-
openappsec
open-appsec is an open-source machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. It is available for NGINX, NGINX Ingress, Envoy (Soon), Kong (Soon), Ambassador (Soon).
-
nginx-autoinstall
Compile NGINX from source with custom modules and patches on Debian and Ubuntu (by angristan)
-
awesome-cloud-security
A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples. (by Funkmyster)
-
api-firewall
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
-
tl-ops-manage
api-gateway, framework for service management based on openresty。balance, health-check, limit-fuse, waf, 负载均衡,健康检查,服务熔断,服务限流,动态配置,数据统计, waf过滤,黑白名单,基于openresty的API网关
-
aws-firewall-factory
Easily improve the security of your web applications with aws firewall factory. Protect your valuable assets with seamless WAF deployment, updates, and staging, all efficiently managed centrally with Firewall Manager.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: Coraza: Coraza WAF is a Golang modsecurity compatible web application firewall | news.ycombinator.com | 2024-01-08
Project mention: Roxy-WI: Web Interface for Managing Haproxy, Nginx, Apache & Keepalived Servers | news.ycombinator.com | 2023-05-25
Project mention: Modified source engine (2017) developed by valve and leaked in 2020 | news.ycombinator.com | 2023-10-28
Project mention: Seeking contributors for a security open-source project | /r/developersIndia | 2023-09-16If someone in the community is interested in doing these projects, we will be happy to guide and help you. The contributions guidelines are available here: https://github.com/openappsec/openappsec/blob/main/CONTRIBUTING.md
Project mention: api-firewall VS asteria - a user suggested alternative | libhunt.com/r/api-firewall | 2023-08-27
Project mention: kitabisa/teler-waf: Introduces external custom rules & DSL expression support! | /r/netsec | 2023-06-04
Project mention: Exciting Update: AWS Firewall Factory Enhanced with Centralized RegexPatternSet Management! | /r/aws | 2023-09-29
Waf related posts
- Coraza: Coraza WAF is a Golang modsecurity compatible web application firewall
- Half-Life è gratis in occasione del suo 25esimo compleanno
- Half-Life 25th Anniversary Update
- Modified source engine (2017) developed by valve and leaked in 2020
- Exciting Update: AWS Firewall Factory Enhanced with Centralized RegexPatternSet Management!
- Seeking contributors for a security open-source project
- When URL parsers disagree (CVE-2023-38633, librsvg)
-
A note from our sponsor - WorkOS
workos.com | 19 Apr 2024
Index
What are some of the best open-source Waf projects? This list will help you:
Project | Stars | |
---|---|---|
1 | ModSecurity | 7,558 |
2 | Awesome-WAF | 5,902 |
3 | wafw00f | 4,852 |
4 | Padrino | 3,363 |
5 | openrasp | 2,685 |
6 | coraza | 1,802 |
7 | ModSecurity-nginx | 1,420 |
8 | gotestwaf | 1,402 |
9 | roxy-wi | 1,392 |
10 | xash3d-fwgs | 1,391 |
11 | lua-resty-waf | 1,251 |
12 | waf-bypass | 1,083 |
13 | source-engine | 1,030 |
14 | curiefense | 709 |
15 | WPF Application Framework (WAF) | 692 |
16 | openappsec | 651 |
17 | nginx-autoinstall | 631 |
18 | awesome-cloud-security | 560 |
19 | api-firewall | 527 |
20 | teler-waf | 290 |
21 | coraza-caddy | 252 |
22 | tl-ops-manage | 227 |
23 | aws-firewall-factory | 214 |