The Wayback Machine - https://web.archive.org/web/20210731195601/https://github.com/topics/waf

#

waf

Here are 302 public repositories matching this topic...

SpiderLabs / ModSecurity

Star

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.

nginx apache waf apache2 modsecurity

Updated Jul 30, 2021
C++

nbs-system / naxsi

Star

Open

Unable to update the GeoIP database

1

tealord commented Jan 29, 2019

Since maxmind no longer provides the legacy GeoIP databases could it might be possible to update the nxtool to use GeoIP2?

Read more

good first issue help wanted

Open

Make the testsuite run on various linux flavors

Open

Naxsi encoding / character in EXLOG but not FMT

1

Find more good first issues →

0xInfection / Awesome-WAF

Star

🔥 Everything about web-application firewalls (WAF).

awesome firewall waf awesome-list web-application-firewall waf-test bypass-waf waf-detection waf-bypass waf-testing waf-fingerprints

Updated Jul 27, 2021
Python

trimstray / htrace.sh

Star

My simple Swiss Army knife for http/https troubleshooting and profiling.

waf http-requests nmap testing-tools redirect-urls debugging-tools security-tools ssllabs-scan nmap-scripts swissarmyknife mozilla-observatory testssl httptracer https-troubleshoting sublist3r

Updated Feb 10, 2021
Shell

padrino / padrino-framework

Star

Padrino is a full-stack ruby framework built upon Sinatra.

ruby waf padrino

Updated Jul 24, 2021
Ruby

EnableSecurity / wafw00f

Star

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

waf fingerprint waffit web-application-firewall

Updated Jun 30, 2021
Python

baidu / openrasp

Star

🔥Open source RASP solution

security waf devsecops openrasp

Updated Jul 26, 2021
C++

Ekultek / WhatWaf

Star

Detect and bypass web application firewalls and protection systems

firewall detection waf web-application fingerprinting bypass web-application-firewall web-application-firewall-bypassing

Updated Oct 17, 2020
Python

tom0li / collection-document

Star

Collection of quality safety articles. Awesome articles.

Updated Apr 19, 2021

al0ne / Vxscan

Star

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

python tools cdn detection waf fingerprint python3 identification scan-tool pentest portscan port-scanning security-tools directory-scanning poc-scanning website-fingerprint fingerprint-recognition-error

Updated Jan 2, 2020
Python

Mr-xn / BurpSuite-collections

Star

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

jar waf pentesting sqlmap burpsuite burp-extensions hacktool pentest-tool sendto hackbar burpsuite-extender burpsuite-tools j2eescan burp-requests python-burp burpsuite-xkeys shiro-burp burpsuite-java

Updated Jul 28, 2021
Python

p0pr0ck5 / lua-resty-waf

Star

High-performance WAF built on the OpenResty stack

lua waf openresty modsecurity nginx-lua lua-resty-waf

Updated Dec 30, 2020
Perl

hap-wi / roxy-wi

Star

Web interface for managing Haproxy, Nginx and Keepalived servers

Updated Jul 23, 2021
JavaScript

SpiderLabs / ModSecurity-nginx

Star

ModSecurity v3 Nginx Connector

nginx waf modsecurity modsecurity-nginx nginx-connector libmodsecurity

Updated Jun 7, 2021
Perl

Janusec / janusec

Star

Janusec Application Gateway, Provides Fast and Secure Application Delivery (Authentication, WAF/CC, HTTPS and ACME automatic certificates). JANUSEC应用网关，提供快速、安全的应用交付（身份认证, WAF/CC, HTTPS以及ACME自动证书）。

go golang security acme gateway waf sql-injection application-security web-application-firewall port-forwarding web-application-security web-ssh application-gateway load-balance janusec-application-gateway janusec

Updated Jul 19, 2021
Go

CHYbeta / Code-Audit-Challenges

Star

Code-Audit-Challenges

nodejs python php security sql waf ctf audit-challenges

Updated Nov 17, 2018

jx-sec / jxwaf

Star

JXWAF(锦衣盾)是一款开源web应用防火墙

waf openresty nginx-lua jxwaf

Updated Apr 8, 2021
Lua

TeaWeb / build

Star

TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777

visualization api golang statistics monitor web log server proxy http2 waf fastcgi

Updated Dec 11, 2020
Go

s0md3v / Blazy

Star

Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .

scanner waf bruteforce detector cloudflare brute-force sql-injection csrf clickjacking

Updated May 5, 2019
Python

chengdedeng / waf

Star

🚦Web Application Firewall or API Gateway(应用防火墙/API网关)

security firewall http-proxy waf littleproxy

Updated Dec 11, 2020
Java

titansec / OpenWAF

Star

Web security protection system based on openresty

nginx web lua waf openresty cc web-application-firewall nginx-lua http-flood openwaf

Updated Mar 30, 2021
C

akaunting / laravel-firewall

Star

Web Application Firewall (WAF) package for Laravel

php security laravel whitelist blacklist firewall waf akaunting

Updated Jun 10, 2021
PHP

jbe2277 / waf

Star

Win Application Framework (WAF) is a lightweight Framework that helps you to create well structured XAML Applications.

android ios framework xamarin csharp dotnet uwp wpf mvvm waf architectural-patterns maui winui

Updated Jul 30, 2021
C#

swoodford / aws

Star

A collection of bash shell scripts for automating various tasks with Amazon Web Services using the AWS CLI and jq.

Updated Dec 19, 2020
Shell

nccgroup / BurpSuiteHTTPSmuggler

Star

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

waf bypass burpsuite burpsuite-extender

Updated May 4, 2019
Java

wallarm / awesome-nginx-security

Star

🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)

nginx kubernetes security webserver waf load-balancer apigateway application-security awesome-list naxsi modsecurity nginx-server nginx-configuration mod-security awesome-lists nginx-security api-security nginx-environment

Updated Sep 25, 2020

YagamiiLight / Cerberus

Star

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

python middleware proxy waf xss penetration-testing sql-injection bypass hacking-tool ssrf security-tools websecurity

Updated Jan 5, 2020
Python

FWGS / xash3d-fwgs

Star

Xash3D FWGS engine. Rebooted fork since big Xash3D 0.99(1.0 is not yet) update.

waf crossplatform xash3d-engine xash3d-fwgs

Updated Jul 31, 2021
C

C4o / Juggler

Star

A system that may trick hackers. 一个也许能骗到黑客的系统。

golang lua waf hacker

Updated Nov 29, 2020
Go

ds19991999 / SecBox

Star

🖤 网络安全与渗透测试工具导航

sql tool waf xss secure php-webshell web-sql

Updated Feb 4, 2021

Improve this page

Add a description, image, and links to the waf topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the waf topic, visit your repo's landing page and select "manage topics."