Topic: waf Goto Github
Some thing interesting about waf
👇 Here are 438 public repositories matching this topic...
-
0xinfection / awesome-waf
waf,🔥 Web-application firewalls (WAFs) from security standpoint.
User: 0xinfection
waf web-application-firewall firewall awesome-list awesome waf-bypass waf-detection waf-test waf-testing waf-fingerprints -
add-sp / ngx_waf
waf,Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块
User: add-sp
Home Page: https://add-sp.github.io/ngx_waf-docs/
nginx nginx-modules web-application-firewall waf modsecurity modsecurity-nginx openresty captcha hcaptcha recaptcha -
-
al0ne / vxscan
waf,python3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
User: al0ne
python python3 portscan tools pentest scan-tool security-tools waf fingerprint directory-scanning -
angristan / nginx-autoinstall
waf,Compile NGINX from source with custom modules and patches on Debian and Ubuntu
User: angristan
nginx openssl libressl brotli pagespeed geoip alpn http2 chacha20-poly1305 curve25519 -
-
bunkerity / bunkerweb
waf,🛡️ Make your web services secure by default !
Organization: bunkerity
Home Page: https://www.bunkerweb.io
nginx modsecurity docker security dnsbl reverse-proxy bunkerized-nginx hardening web-security security-tuning -
-
casbin / caswaf
waf,HTTP & OAuth Gateway and Web Application Firewall (WAF) based on ModSecurity, online demo: https://door.caswaf.com
Organization: casbin
Home Page: https://caswaf.org
firewall gateway http oauth proxy waf web-application-firewall modsecurity modsecurity-core-rule-set -
chaitin / safeline
waf,一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术,作为反向代理接入,保护你的网站不受黑客攻击。 A free WAF that is sufficiently simple, effective, and powerful. Utilizing industry-leading semantic engine detection technology, it operates as a reverse proxy to protect your website from hacker attacks.
Organization: chaitin
Home Page: https://waf-ce.chaitin.cn/
acl cc firewall http-flood security security-tools sql-injection waf web-application-firewall web-security -
chengdedeng / waf
waf,:vertical_traffic_light:Web Application Firewall or API Gateway(应用防火墙/API网关)
User: chengdedeng
Home Page: https://github.com/chengdedeng/waf
waf http-proxy littleproxy firewall security -
chushuai / wscan
waf, Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.
User: chushuai
crawler passive-vulnerability-scanner poc sql-injection vulnerability-scanner webscan chromedp headless cel-go martian -
chybeta / code-audit-challenges
waf,Code-Audit-Challenges
User: chybeta
Home Page: https://github.com/CHYbeta/Code-Audit-Challenges
php nodejs python security ctf audit-challenges sql waf -
corazawaf / coraza
waf,OWASP Coraza WAF is a golang modsecurity compatible web application firewall library
Organization: corazawaf
Home Page: https://www.coraza.io
coraza waf coraza-waf owasp-crs modsecurity coreruleset owasp golang go http -
curiefense / curiefense
waf,Curiefense is a unified, open source platform protecting cloud native applications.
Organization: curiefense
Home Page: https://linktr.ee/curiefense
envoyproxy waf botmanagement ddos cloud-native microservices security rate-limiter ddos-protection session -
ds19991999 / secbox
waf,🖤 网络安全与渗透测试工具导航
Organization: ds19991999
secure php-webshell waf tool sql xss web-sql -
ekultek / whatwaf
waf,Detect and bypass web application firewalls and protection systems
User: ekultek
bypass firewall web-application detection waf fingerprinting web-application-firewall-bypassing web-application-firewall -
enablesecurity / wafw00f
waf,WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Organization: enablesecurity
Home Page: https://www.enablesecurity.com/
waf fingerprint waffit web-application-firewall -
funkmyster / awesome-cloud-security
waf,A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
User: funkmyster
cloud-security aws security information-security waf dlp logging cloud elasticsearch awesome -
fwgs / xash3d-fwgs
waf,Xash3D FWGS engine.
Organization: fwgs
xash3d-fwgs xash3d-engine waf crossplatform -
janusec / janusec
waf,JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关,提供安全的接入,包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。
Organization: janusec
Home Page: https://janusec.github.io/
waf web-application-firewall application-gateway load-balance gateway application-security golang security web-application-security sql-injection -
-
-
-
leohearts / awd-watchbird
waf,A powerful PHP WAF for AWD
User: leohearts
php awd awd-framework web-application-firewall ctf waf -
-
mr-xn / burpsuite-collections
waf,有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
User: mr-xn
Home Page: https://mrxn.net/?tag=burpsuite
burpsuite burpsuite-extender burpsuite-tools hacktool pentesting pentest-tool burp-extensions hackbar j2eescan sqlmap -
nbs-system / naxsi
waf,NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
Organization: nbs-system
naxsi nginx c waf -
nccgroup / burpsuitehttpsmuggler
waf,A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Organization: nccgroup
waf bypass burpsuite burpsuite-extender -
nemesida-waf / waf-bypass
waf,Check your WAF before an attacker does
Organization: nemesida-waf
Home Page: https://nemesida-waf.com
waf python3 bypass python rce xss waf-bypass-tool api-security-testing lfi nosql-injection -
nillerusr / source-engine
waf,Modified source engine (2017) developed by valve and leaked in 2020. Not for commercial purporses
User: nillerusr
game-engine source-engine half-life2 cross-platform waf -
openappsec / openappsec
waf,open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
Organization: openappsec
Home Page: https://openappsec.io
api-security application-security kubernetes nginx web-application-firewall appsec devsecops kong rate-limiting security-tools -
owasp-modsecurity / modsecurity
waf,ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
Organization: owasp-modsecurity
Home Page: https://www.modsecurity.org
modsecurity nginx apache apache2 waf -
owasp-modsecurity / modsecurity-nginx
waf,ModSecurity v3 Nginx Connector
Organization: owasp-modsecurity
modsecurity nginx modsecurity-nginx nginx-connector waf libmodsecurity -
p0pr0ck5 / lua-resty-waf
waf,High-performance WAF built on the OpenResty stack
User: p0pr0ck5
lua-resty-waf lua nginx-lua modsecurity waf openresty -
padrino / padrino-framework
waf,Padrino is a full-stack ruby framework built upon Sinatra.
Organization: padrino
Home Page: http://www.padrinorb.com
padrino waf ruby -
roxy-wi / roxy-wi
waf,Web interface for managing Haproxy, Nginx, Apache and Keepalived servers
Organization: roxy-wi
Home Page: https://roxy-wi.org
haproxy-servers web-interface management web-manager web-gui gui webui haproxy-configuration haproxy-status haproxy-gui -
safe3 / uuwaf
waf,A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展,支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP
User: safe3
Home Page: https://waf.uusec.com
waf application-security web-application-firewall modsecurity web-security-gateway api-gateway api-security waap security uuwaf -
-
-
-
-
-
tom0li / collection-document
waf,Collection of quality safety articles. Awesome articles.
User: tom0li
Home Page: https://tom0li.github.io/
dns pentest list security sec hacking src bug-bounty fuzz xss -
trimstray / htrace.sh
waf,My simple Swiss Army knife for http/https troubleshooting and profiling.
User: trimstray
debugging-tools http-requests https-troubleshoting httptracer mozilla-observatory nmap nmap-scripts redirect-urls security-tools ssllabs-scan sublist3r swissarmyknife testing-tools testssl waf -
wallarm / api-firewall
waf,Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
Organization: wallarm
Home Page: https://wallarm.github.io/api-firewall/
proxy firewall waf api-gateway apigateway api-wrapper security-tools security api-security api -
wallarm / awesome-nginx-security
waf,🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
Organization: wallarm
nginx modsecurity waf naxsi awesome-list awesome-lists security webserver load-balancer nginx-security -
wallarm / gotestwaf
waf,An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
Organization: wallarm
Home Page: https://lab.wallarm.com/test-your-waf-before-hackers/
owasp api-security security bugbounty security-tools waf web-application-security web-application-firewall security-testing graphql-security -
-
yagamiilight / cerberus
waf,一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
User: yagamiilight
hacking-tool sql-injection xss waf proxy middleware ssrf penetration-testing security-tools websecurity
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.