ModsecurityModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…
Stars: ✭ 5,015 (+19960%)
waf-brainMachine Learning WAF Based
Stars: ✭ 74 (+196%)
ModSecurityCRSImplementation of ModSecurity, Core Rule Set (CRS) on Apache server. ModSecurity, sometimes called Modsec, is an open-source web application firewall. ModSecurity was installed and configured on an Ubuntu VM using Virtual Box
Stars: ✭ 24 (-4%)
ftwFramework for Testing WAFs (FTW!)
Stars: ✭ 106 (+324%)
CidramCIDRAM: Classless Inter-Domain Routing Access Manager.
Stars: ✭ 86 (+244%)
Build TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777
Stars: ✭ 656 (+2524%)
Laravel FirewallWeb Application Firewall (WAF) package for Laravel
Stars: ✭ 544 (+2076%)
AwsA collection of bash shell scripts for automating various tasks with Amazon Web Services using the AWS CLI and jq.
Stars: ✭ 493 (+1872%)
Openrasp🔥Open source RASP solution
Stars: ✭ 2,036 (+8044%)
Awesome Waf🔥 Everything about web-application firewalls (WAF).
Stars: ✭ 4,047 (+16088%)
JanusecJanusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关,提供快速、安全的应用交付。
Stars: ✭ 771 (+2984%)
DotnetpadThe Waf DotNetPad is a simple and fast code editor that makes fun to program with C# or Visual Basic.
Stars: ✭ 101 (+304%)
OpenwafWeb security protection system based on openresty
Stars: ✭ 563 (+2152%)
Docker WafAn NGINX and ModSecurity based Web Application Firewall for Docker
Stars: ✭ 181 (+624%)
BurpsuitehttpsmugglerA Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Stars: ✭ 529 (+2016%)
Hoomanhttp interceptor to hoomanize cloudflare requests
Stars: ✭ 82 (+228%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+1456%)
AutosqliAn automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.
Stars: ✭ 222 (+788%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+4224%)
Htrace.shMy simple Swiss Army knife for http/https troubleshooting and profiling.
Stars: ✭ 3,465 (+13760%)
JugglerA system that may trick hackers. 一个也许能骗到黑客的系统。
Stars: ✭ 321 (+1184%)
CloudbunnyCloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273 (+992%)
CuriefenseCuriefense is a unified, open source platform protecting cloud native applications.
Stars: ✭ 136 (+444%)
XwafxWAF 3.0 - Free Web Application Firewall, Open-Source.
Stars: ✭ 48 (+92%)
nginx-lua-wafNginx-Lua-WAF是一款基于Nginx的使用Lua语言开发的灵活高效的Web应用层防火墙
Stars: ✭ 58 (+132%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+5448%)
JxwafJXWAF(锦衣盾)是一款开源web应用防火墙
Stars: ✭ 768 (+2972%)
WafpassAnalysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.
Stars: ✭ 184 (+636%)
BlazyBlazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
Stars: ✭ 637 (+2448%)
Awesome Cloud SecurityCurated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
Stars: ✭ 98 (+292%)
Waf🚦Web Application Firewall or API Gateway(应用防火墙/API网关)
Stars: ✭ 547 (+2088%)
Secbox🖤 网络安全与渗透测试工具导航
Stars: ✭ 222 (+788%)
WafWin Application Framework (WAF) is a lightweight Framework that helps you to create well structured XAML Applications.
Stars: ✭ 539 (+2056%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+4876%)
EdgeAdminCDN & WAF集群管理系统。
Stars: ✭ 199 (+696%)
Awesome Nginx Security🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
Stars: ✭ 417 (+1568%)
Pwn SandboxA sandbox to protect your pwn challenges being pwned in CTF AWD.
Stars: ✭ 81 (+224%)
NaxsiNAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
Stars: ✭ 3,927 (+15608%)
ingressKubernetes Ingress controller with integrated Wallarm services
Stars: ✭ 31 (+24%)
Xash3d FwgsXash3D FWGS engine. Rebooted fork since big Xash3D 0.99(1.0 is not yet) update.
Stars: ✭ 337 (+1248%)
IroncladWeb Application Firewall (WAF) on Kubernetes
Stars: ✭ 58 (+132%)
Padrino FrameworkPadrino is a full-stack ruby framework built upon Sinatra.
Stars: ✭ 3,310 (+13140%)
WhatwafDetect and bypass web application firewalls and protection systems
Stars: ✭ 1,881 (+7424%)
IdentywafBlind WAF identification tool
Stars: ✭ 291 (+1064%)
Lua Resty WafHigh-performance WAF built on the OpenResty stack
Stars: ✭ 1,053 (+4112%)
Fomalhaut🚀 A Simple API Gateway for Building Security and Flexible Microservices.
Stars: ✭ 272 (+988%)
Wafw00fWAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Stars: ✭ 2,983 (+11832%)
Botwall4jA botwall for Java web applications
Stars: ✭ 41 (+64%)
Go AgentSqreen's Application Security Management for the Go language
Stars: ✭ 134 (+436%)
broomA disk cleaning utility for developers.
Stars: ✭ 38 (+52%)
WafidWafid identify and fingerprint Web Application Firewall (WAF) products.
Stars: ✭ 39 (+56%)
litewafLightweight In-App Web Application Firewall for PHP
Stars: ✭ 32 (+28%)
k8s-lempLEMP stack in a Kubernetes cluster
Stars: ✭ 74 (+196%)
Haproxy WiWeb interface for managing Haproxy, Nginx and Keepalived servers
Stars: ✭ 823 (+3192%)
nginx-moreDevelopment repository for nginx-more package
Stars: ✭ 96 (+284%)
Raptor wafRaptor - WAF - Web application firewall using DFA [ Current version ] - Beta
Stars: ✭ 246 (+884%)