Top 23 Waf Open-Source Projects
-
ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
Project mention: What (software, open source) WAF are you using with (open source) Nginx? | reddit.com/r/nginx | 2022-05-26I'm currently erring toward ModSecurity & the Nginx connector now that it's been de-Apache'd.
-
This: https://github.com/0xInfection/Awesome-WAF
-
Scout APM
Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.
-
Project mention: What (software, open source) WAF are you using with (open source) Nginx? | reddit.com/r/nginx | 2022-05-26
I was using Naxsi until recently, but changes to PCRE compatibility have broken it for now, and the most recent commit was around 6 months ago. I can't help with the code commits, so I'm looking for alternatives.
-
wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
I am thinking about implementation of https://github.com/EnableSecurity/wafw00f.
-
-
Project mention: Project includes a dependancy that has a license that forbids its use | news.ycombinator.com | 2021-08-22
-
-
SonarQube
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
-
Project mention: WAF in Roxy-WI: Basic GUI Web Application Security | reddit.com/r/homelab | 2022-01-11
Our website: https://roxy-wi.org/
-
Project mention: What (software, open source) WAF are you using with (open source) Nginx? | reddit.com/r/nginx | 2022-05-26
I'm currently erring toward ModSecurity & the Nginx connector now that it's been de-Apache'd.
-
gotestwaf
An open-source project in Golang to test different web application firewalls (WAF) for detection logic and bypasses
If you are searching for a solution to deploy, update, and stage your Web Application Firewalls while managing them centrally via AWS Firewall Manager take a look at the AWS Firewall Factory tool. AWS Firewall Factory is able to test your deployed firewall using GoTestWAF. GoTestWAF is a tool for API and OWASP attack simulation that supports a wide range of API protocols including REST, GraphQL, gRPC, WebSockets, SOAP, XMLRPC and many more. It was designed to evaluate web application security solutions, such as API security proxies, Web Application Firewalls, IPS, API gateways, etc.
-
-
-
WPF Application Framework (WAF)
Win Application Framework (WAF) is a lightweight Framework that helps you to create well structured XAML Applications.
-
-
api-firewall
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
Project mention: Open Source API proxy firewall for request and response validation by OpenAPI specs. 70% faster than Nginx! | reddit.com/r/coolgithubprojects | 2022-05-11The product is open source, available at DockerHub and already got 1 billion (!!!) pulls. To support this project, you can star the repository. Check it out: https://github.com/wallarm/api-firewall
-
Project mention: Raptor WAF - web application firewall made in C from the scratch | reddit.com/r/netsec | 2022-06-09
-
OctopusWAF
OctopusWAF is a WAF( Web application firewall) with high performance, made in C language and use libevent.
Project mention: OctopusWAF: Un WAF( Web application firewall) de alto rendimiento, hecho en lenguaje C 🔥 | reddit.com/r/u_esgeeks | 2022-06-24 -
Project mention: Nemesida WAF Free – free Nginx WAF with the minimum False Positive and amazing Web visualisation | reddit.com/r/websec | 2022-03-04
We can also recommend our waf-bypass tool to check your WAF https://github.com/nemesida-waf/waf-bypass
-
awesome-cloud-security
Curated list of awesome cloud security blogs, podcasts, standards, projects, and examples. (by Funkmyster)
-
tl-ops-manage
api-gateway, framework for service management based on openresty。balance, health-check, limit-fuse, waf, 负载均衡,健康检查,服务熔断,服务限流,动态配置,数据统计, waf过滤,黑白名单,基于openresty的API网关
-
Waf DotNetPad
The Waf DotNetPad is a simple and fast code editor that makes fun to program with C# or Visual Basic.
-
PoW-Shield
Project dedicated to fight Layer 7 DDoS with proof of work, featuring an additional WAF. Completed with full set of features and containerized for rapid and lightweight deployment.
Project Link: PoW Shield.
-
Waf related posts
- how do i download cs 1.6
- User management
- Project to fight DDoS with proof of work
- PoW-Shield: Project dedicated to fight DDoS and spam with proof of work. Added controller functionality with cool features.
- xss waf bypass
- OctopusWAF: Un WAF( Web application firewall) de alto rendimiento, hecho en lenguaje C 🔥
- Raptor WAF - web application firewall made in C from the scratch
Index
What are some of the best open-source Waf projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | ModSecurity | 5,601 |
| 2 | Awesome-WAF | 4,581 |
| 3 | naxsi | 4,083 |
| 4 | wafw00f | 3,534 |
| 5 | Padrino | 3,326 |
| 6 | openrasp | 2,267 |
| 7 | lua-resty-waf | 1,169 |
| 8 | roxy-wi | 1,121 |
| 9 | ModSecurity-nginx | 1,089 |
| 10 | gotestwaf | 833 |
| 11 | xash3d-fwgs | 672 |
| 12 | coraza | 629 |
| 13 | WPF Application Framework (WAF) | 620 |
| 14 | curiefense | 522 |
| 15 | api-firewall | 384 |
| 16 | raptor_waf | 280 |
| 17 | OctopusWAF | 163 |
| 18 | waf-bypass | 161 |
| 19 | awesome-cloud-security | 157 |
| 20 | tl-ops-manage | 136 |
| 21 | Waf DotNetPad | 118 |
| 22 | PoW-Shield | 107 |
| 23 | CIDRAM | 95 |
Are you hiring? Post a new remote job listing for free.
