ftwFramework for Testing WAFs (FTW!)
Stars: ✭ 106 (+43.24%)
coraza-caddyOWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities
Stars: ✭ 75 (+1.35%)
wafbypasserNo description or website provided.
Stars: ✭ 73 (-1.35%)
aws-firewall-factoryDeploy, update, and stage your WAFs while managing them centrally via FMS.
Stars: ✭ 72 (-2.7%)
waflabA web-based testing platform for WAF (Web Application Firewall)'s correctness
Stars: ✭ 25 (-66.22%)
ModsecurityModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…
Stars: ✭ 5,015 (+6677.03%)
Go AgentSqreen's Application Security Management for the Go language
Stars: ✭ 134 (+81.08%)
Awesome Cloud SecurityCurated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
Stars: ✭ 98 (+32.43%)
cwe-toolA command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (-45.95%)
Pwn SandboxA sandbox to protect your pwn challenges being pwned in CTF AWD.
Stars: ✭ 81 (+9.46%)
Lua Resty WafHigh-performance WAF built on the OpenResty stack
Stars: ✭ 1,053 (+1322.97%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+1774.32%)
cyclonedx-cliCycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Stars: ✭ 154 (+108.11%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+1581.08%)
Hoomanhttp interceptor to hoomanize cloudflare requests
Stars: ✭ 82 (+10.81%)
IroncladWeb Application Firewall (WAF) on Kubernetes
Stars: ✭ 58 (-21.62%)
Secbox🖤 网络安全与渗透测试工具导航
Stars: ✭ 222 (+200%)
Botwall4jA botwall for Java web applications
Stars: ✭ 41 (-44.59%)
crAPIcompletely ridiculous API (crAPI)
Stars: ✭ 549 (+641.89%)
Wafw00fWAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Stars: ✭ 2,983 (+3931.08%)
Haproxy WiWeb interface for managing Haproxy, Nginx and Keepalived servers
Stars: ✭ 823 (+1012.16%)
WafpassAnalysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.
Stars: ✭ 184 (+148.65%)
JxwafJXWAF(锦衣盾)是一款开源web应用防火墙
Stars: ✭ 768 (+937.84%)
BlazyBlazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
Stars: ✭ 637 (+760.81%)
TeslaTesla is a gateway service that provides dynamic routing,waf,support spring cloud,gRPC,DUBBO and more.
Stars: ✭ 109 (+47.3%)
SlidesThe repo contains all the slide deck that was used during my presentation at various webinars, conferences, and meetups.
Stars: ✭ 56 (-24.32%)
DotnetpadThe Waf DotNetPad is a simple and fast code editor that makes fun to program with C# or Visual Basic.
Stars: ✭ 101 (+36.49%)
tutorialsAdditional Resources For Securing The Stack Tutorials
Stars: ✭ 36 (-51.35%)
CidramCIDRAM: Classless Inter-Domain Routing Access Manager.
Stars: ✭ 86 (+16.22%)
headersAn application to catch, search and analyze HTTP secure headers.
Stars: ✭ 59 (-20.27%)
juice-shopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+10079.73%)
Waf🚦Web Application Firewall or API Gateway(应用防火墙/API网关)
Stars: ✭ 547 (+639.19%)
Raptor wafRaptor - WAF - Web application firewall using DFA [ Current version ] - Beta
Stars: ✭ 246 (+232.43%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+1360.81%)
nginx-moreDevelopment repository for nginx-more package
Stars: ✭ 96 (+29.73%)
XwafxWAF 3.0 - Free Web Application Firewall, Open-Source.
Stars: ✭ 48 (-35.14%)
AutosqliAn automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.
Stars: ✭ 222 (+200%)
WafidWafid identify and fingerprint Web Application Firewall (WAF) products.
Stars: ✭ 39 (-47.3%)
SksSecurity Knowledge Structure(安全知识汇总)
Stars: ✭ 205 (+177.03%)
JanusecJanusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关,提供快速、安全的应用交付。
Stars: ✭ 771 (+941.89%)
ingressKubernetes Ingress controller with integrated Wallarm services
Stars: ✭ 31 (-58.11%)
Build TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777
Stars: ✭ 656 (+786.49%)
Docker WafAn NGINX and ModSecurity based Web Application Firewall for Docker
Stars: ✭ 181 (+144.59%)
OpenwafWeb security protection system based on openresty
Stars: ✭ 563 (+660.81%)
Laravel FirewallWeb Application Firewall (WAF) package for Laravel
Stars: ✭ 544 (+635.14%)
Openrasp🔥Open source RASP solution
Stars: ✭ 2,036 (+2651.35%)
WafWin Application Framework (WAF) is a lightweight Framework that helps you to create well structured XAML Applications.
Stars: ✭ 539 (+628.38%)
BurpsuitehttpsmugglerA Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Stars: ✭ 529 (+614.86%)
multi-juicerRun Capture the Flags and Security Trainings with OWASP Juice Shop
Stars: ✭ 179 (+141.89%)
WhatwafDetect and bypass web application firewalls and protection systems
Stars: ✭ 1,881 (+2441.89%)
AwsA collection of bash shell scripts for automating various tasks with Amazon Web Services using the AWS CLI and jq.
Stars: ✭ 493 (+566.22%)
raiderOWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
Stars: ✭ 88 (+18.92%)