aws-firewall-factoryDeploy, update, and stage your WAFs while managing them centrally via FMS.
Stars: ✭ 72 (-96.46%)
JxwafJXWAF(锦衣盾)是一款开源web应用防火墙
Stars: ✭ 768 (-62.28%)
Waf🚦Web Application Firewall or API Gateway(应用防火墙/API网关)
Stars: ✭ 547 (-73.13%)
Pwn SandboxA sandbox to protect your pwn challenges being pwned in CTF AWD.
Stars: ✭ 81 (-96.02%)
Build TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777
Stars: ✭ 656 (-67.78%)
TeslaTesla is a gateway service that provides dynamic routing,waf,support spring cloud,gRPC,DUBBO and more.
Stars: ✭ 109 (-94.65%)
XwafxWAF 3.0 - Free Web Application Firewall, Open-Source.
Stars: ✭ 48 (-97.64%)
AwsA collection of bash shell scripts for automating various tasks with Amazon Web Services using the AWS CLI and jq.
Stars: ✭ 493 (-75.79%)
GlueApplication Security Automation
Stars: ✭ 412 (-79.76%)
TrivyScanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: ✭ 9,673 (+375.1%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (-38.9%)
CmsscanCMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues
Stars: ✭ 775 (-61.94%)
TerrascanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: ✭ 2,687 (+31.97%)
Gg ShieldDetect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.
Stars: ✭ 708 (-65.23%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-96.46%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (-72.2%)
WafWin Application Framework (WAF) is a lightweight Framework that helps you to create well structured XAML Applications.
Stars: ✭ 539 (-73.53%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (-46.91%)
ModsecurityModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…
Stars: ✭ 5,015 (+146.32%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (-31.88%)
WafidWafid identify and fingerprint Web Application Firewall (WAF) products.
Stars: ✭ 39 (-98.08%)
NaxsiNAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
Stars: ✭ 3,927 (+92.88%)
Awesome Waf🔥 Everything about web-application firewalls (WAF).
Stars: ✭ 4,047 (+98.77%)
Kubernetes GoatKubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Stars: ✭ 868 (-57.37%)
CidramCIDRAM: Classless Inter-Domain Routing Access Manager.
Stars: ✭ 86 (-95.78%)
Haproxy WiWeb interface for managing Haproxy, Nginx and Keepalived servers
Stars: ✭ 823 (-59.58%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-93.71%)
Hoomanhttp interceptor to hoomanize cloudflare requests
Stars: ✭ 82 (-95.97%)
JanusecJanusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关,提供快速、安全的应用交付。
Stars: ✭ 771 (-62.13%)
Go AgentSqreen's Application Security Management for the Go language
Stars: ✭ 134 (-93.42%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (-64.73%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+401.57%)
KccssKubernetes Common Configuration Scoring System
Stars: ✭ 111 (-94.55%)
BlazyBlazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
Stars: ✭ 637 (-68.71%)
Awesome Devsecops ruПодборка выступлений и публикаций на тему DevSecOps на русском и не только)
Stars: ✭ 62 (-96.95%)
OpenwafWeb security protection system based on openresty
Stars: ✭ 563 (-72.35%)
CuriefenseCuriefense is a unified, open source platform protecting cloud native applications.
Stars: ✭ 136 (-93.32%)
Laravel FirewallWeb Application Firewall (WAF) package for Laravel
Stars: ✭ 544 (-73.28%)
IroncladWeb Application Firewall (WAF) on Kubernetes
Stars: ✭ 58 (-97.15%)
BurpsuitehttpsmugglerA Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Stars: ✭ 529 (-74.02%)
DevsecopsThis repository contains information about DevSecOps and how to get involved in this community effort.
Stars: ✭ 103 (-94.94%)
TerragoatTerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Stars: ✭ 461 (-77.36%)
Lua Resty WafHigh-performance WAF built on the OpenResty stack
Stars: ✭ 1,053 (-48.28%)
Awesome Nginx Security🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
Stars: ✭ 417 (-79.52%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (-11.49%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-80.89%)
Botwall4jA botwall for Java web applications
Stars: ✭ 41 (-97.99%)
ThreatmapperIdentify vulnerabilities in running containers, images, hosts and repositories
Stars: ✭ 361 (-82.27%)
DotnetpadThe Waf DotNetPad is a simple and fast code editor that makes fun to program with C# or Visual Basic.
Stars: ✭ 101 (-95.04%)
Xash3d FwgsXash3D FWGS engine. Rebooted fork since big Xash3D 0.99(1.0 is not yet) update.
Stars: ✭ 337 (-83.45%)
WhatwafDetect and bypass web application firewalls and protection systems
Stars: ✭ 1,881 (-7.61%)
Nodejsscannodejsscan is a static security code scanner for Node.js applications.
Stars: ✭ 1,874 (-7.96%)
Django DefectdojoDefectDojo is an open-source application vulnerability correlation and security orchestration tool.
Stars: ✭ 1,926 (-5.4%)
Awesome Cloud SecurityCurated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
Stars: ✭ 98 (-95.19%)