647 Open source projects that are alternatives of or similar to Xwaf

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Audit tool to find common vulnerabilities in PHP source code

A botwall for Java web applications

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Lightweight In-App Web Application Firewall for PHP

🚦Web Application Firewall or API Gateway(应用防火墙/API网关)

Deploy, update, and stage your WAFs while managing them centrally via FMS.

Git All the Payloads! A collection of web attack payloads.

Collection of quality safety articles. Awesome articles.

CIDRAM: Classless Inter-Domain Routing Access Manager.

A list of useful payloads for Web Application Security and Pentest/CTF

WAF for WordPress 🔥 with 60+ security checks and weekly updates

An NGINX and ModSecurity based Web Application Firewall for Docker

Janusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关，提供快速、安全的应用交付。

Hacking tools

Detect and bypass web application firewalls and protection systems

Advanced dork Search & Mass Exploit Scanner

🔥 Everything about web-application firewalls (WAF).

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

The official PHP SDK for Shieldfy

🖤 网络安全与渗透测试工具导航

Web Application Firewall (WAF) package for Laravel

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

massive SQL injection vulnerability scanner

A collection of Bash scripts and Dockerfiles to install data science Tool, Lib and application

A multithreaded application server for PHP, written in PHP.

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

Make retrieving configuration parameters super fast(7x faster than application:get_env)and stable.

Cleans HTML to avoid XSS attacks

A small tool that allows for easy virtual disk attach/detach and auto-mount.

Codefresh runtime-environment agent

Deep learning installed Shape Detector using Keras and CoreML 📱

[暂停维护]diycode android app

🎽 React Kanban Dashboard Template

SQL Vulnerability Scanner

Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules

Securing MEAN Stack (Angular 5) Web Application using Passport Authentication

Download and Convert YouTube, SoundCloud & Spotify in MP3 with full tags (title, artist, genre, cover, lyrics 🔥)

Python firewall.

Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.

Crie um aplicativo com todas as tabelas de um dos seus bancos sem uma linha de código.

📱 an app to annotate tasks made with Flutter using MobX

SIPCheck is a tool that watch the authentication of users of Asterisk and bans automatically if some user (or bot) try to register o make calls using wrong passwords.

A python script that tells about GitHub users and repositories.

Small tool to package javascript into a valid image file.

Web interface for managing Haproxy, Nginx and Keepalived servers

Java web common vulnerabilities and security code which is base on springboot and spring security

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Browser's XSS Filter Bypass Cheat Sheet

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

ModSecurity v3 Nginx Connector

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

OroCRM - an open-source Customer Relationship Management application.

Wafid identify and fingerprint Web Application Firewall (WAF) products.

To fix the Docker and UFW security flaw without disabling iptables

Code-Audit-Challenges

Java Games and Application with awesome source code and better algorithm

A docker sidecar container to forward all traffic to local docker host or any other host

JXWAF(锦衣盾)是一款开源web应用防火墙