Open-source projects categorized as Waf | Edit details

Top 14 Waf Open-Source Projects

  • GitHub repo ModSecurity

    ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.

    Project mention: Bulletproof at home hosting? | reddit.com/r/TOR | 2021-08-15

    When it comes to your application: I don't know how tech-savvy you are, and I'm not sure if you're worried about someone breaking into your webapp, but you could look into setting up security extentions like snuffleupagus (PHP) and SpiderLab's ModSecurity WAF for Apache and nginx for which OWASP has a great, free ruleset

  • GitHub repo Awesome-WAF

    🔥 Everything about web-application firewalls (WAF).

    Project mention: Web Application Security related Dissertation ideas | reddit.com/r/HowToHack | 2021-09-28

    Regardless, I would start with OWASP and their top ten list to see if anything interests you. If you're interested in WAF research, 0xInfection did some wonderful work you can read here.

  • Scout APM

    Scout APM: A developer's best friend. Try free for 14-days. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.

  • GitHub repo Padrino

    Padrino is a full-stack ruby framework built upon Sinatra.

    Project mention: 16 Best Ruby Frameworks For Web Development | dev.to | 2021-06-08

    Padrino’s benchmark metrics also reveal that it is four times faster than Rails. You can access Padrino through its GitHub page.

  • GitHub repo openrasp

    🔥Open source RASP solution

    Project mention: Project includes a dependancy that has a license that forbids its use | news.ycombinator.com | 2021-08-22
  • GitHub repo lua-resty-waf

    High-performance WAF built on the OpenResty stack

    Project mention: Differences beetwen lua-resty-waf and NGINX proxy manager? | reddit.com/r/nginx | 2021-04-27

    I just learned about about https://github.com/p0pr0ck5/lua-resty-waf while looking into the topic how to secure my reverse proxy server, besides that I only read that this is pretty much NGINX security enhanced with some extra plugins and performance tweaks, other than that don't know nothing about it.

  • GitHub repo roxy-wi

    Web interface for managing Haproxy, Nginx and Keepalived servers

    Project mention: What does the Checker check, or how to organize convenient monitoring via the web interface =) | reddit.com/r/homelab | 2021-10-15
  • GitHub repo ModSecurity-nginx

    ModSecurity v3 Nginx Connector

    Project mention: How to implement WAF on Kong Ingress controller? (like ModSecurity v3) | reddit.com/r/kubernetes | 2021-05-04

    ModSecurity Connector: https://github.com/SpiderLabs/ModSecurity-nginx

  • Nanos

    Run Linux Software Faster and Safer than Linux with Unikernels.

  • GitHub repo WPF Application Framework (WAF)

    Win Application Framework (WAF) is a lightweight Framework that helps you to create well structured XAML Applications.

    Project mention: MVVM resources | reddit.com/r/csharp | 2021-08-12
  • GitHub repo coraza-waf

    Coraza WAF is a golang modsecurity compatible web application firewall library

    Project mention: Go: Yaml DB | reddit.com/r/golang | 2021-09-02

    Interesting work, I was going to implement https://github.com/antchfx/jsonquery for github.com/jptosso/coraza-waf but your idea seems quite useful. I would remove logrus, as logs should be created by the implementation, not the library (or at least that's what a think)

  • GitHub repo awesome-cloud-security

    Curated list of awesome cloud security blogs, podcasts, standards, projects, and examples. (by Funkmyster)

    Project mention: Cloud Security | reddit.com/r/redteamsec | 2021-09-19
  • GitHub repo Waf DotNetPad

    The Waf DotNetPad is a simple and fast code editor that makes fun to program with C# or Visual Basic.

  • GitHub repo CIDRAM

    CIDRAM: Classless Inter-Domain Routing Access Manager.

  • GitHub repo wafalyzer

    Web Application Firewall (WAF) Detector

  • GitHub repo coraza-gin

    Coraza WAF Gin-gonic middleware

    Project mention: Protect your web applications with Coraza library | reddit.com/r/golang | 2021-08-31

    Or use it as a Gin middleware: https://github.com/jptosso/coraza-gin

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2021-10-15.


What are some of the best open-source Waf projects? This list will help you:

Project Stars
1 ModSecurity 4,868
2 Awesome-WAF 3,919
3 Padrino 3,307
4 openrasp 1,952
5 lua-resty-waf 1,107
6 roxy-wi 948
7 ModSecurity-nginx 908
8 WPF Application Framework (WAF) 584
9 coraza-waf 231
10 awesome-cloud-security 124
11 Waf DotNetPad 102
12 CIDRAM 86
13 wafalyzer 23
14 coraza-gin 6
Find remote jobs at our new job board 99remotejobs.com. There are 37 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives