waf

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…

🔥 Web-application firewalls (WAFs) from security standpoint.

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

My simple Swiss Army knife for http/https troubleshooting and profiling.

Padrino is a full-stack ruby framework built upon Sinatra.

🔥Open source RASP solution

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

Detect and bypass web application firewalls and protection systems

Collection of quality safety articles. Awesome articles.

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

ModSecurity v3 Nginx Connector

High-performance WAF built on the OpenResty stack

Web interface for managing Haproxy, Nginx, Apache and Keepalived servers

Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

Janusec Application Gateway, an application security solution which provides ACME HTTPS, K8S Ingress Controller, WAF (Web Application Firewall), CC defense, OAuth2 Authentication and load balancing. Janusec应用网关，提供ACME自动化证书与HTTPS接入、K8S Ingress控制器、WAF (Web Application Firewall)、CC防御、OAuth2身份认证、负载均衡等功能。

JXWAF(锦衣盾)是一款开源web应用防火墙

Code-Audit-Challenges

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library