ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

🔥 Web-application firewalls (WAFs) from security standpoint.

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

serve as a reverse proxy to protect your web services from attacks and exploits.

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX

🔥Open source RASP solution

A collection of bash shell scripts for automating various tasks with Amazon Web Services using the AWS CLI and jq.

Collection of quality safety articles. Awesome articles.

Padrino is a full-stack ruby framework built upon Sinatra.

Detect and bypass web application firewalls and protection systems

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

🛡️ Open-source and next-generation Web Application Firewall (WAF)

High-performance WAF built on the OpenResty stack

ModSecurity v3 Nginx Connector

JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关，提供安全的接入，包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

JXWAF是一款开源web应用防火墙

Web interface for managing Haproxy, Nginx, Apache and Keepalived servers

Web security protection system based on openresty

Compile NGINX from source with custom modules and patches on Debian and Ubuntu