serve as a reverse proxy to protect your web services from attacks and exploits.

🛡️ Open-source and next-generation Web Application Firewall (WAF)

🔥 Web-application firewalls (WAFs) from security standpoint.

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Detect and bypass web application firewalls and protection systems

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块

JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关，提供安全的接入，包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展，支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

Web security protection system based on openresty

BlazeHTTP 是一款简单易用的 WAF 防护效果测试工具。BlazeHTTP stands as a user-friendly WAF protection efficacy evaluation tool.

A powerful PHP WAF for AWD

All-in-one solution for high performance web content delivery and advanced protection against DDoS and web attacks

Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.

HTTP & OAuth Gateway and Web Application Firewall (WAF) based on ModSecurity, online demo: https://door.caswaf.com

A tool to perform DNS reconnaissance on target networks. Among the DNS information got from include subdomains, mx records, web application firewall detection and more fingerprinting and lookups

Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

A guided mutation-based fuzzer for ML-based Web Application Firewalls