一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术，作为反向代理接入，保护你的网站不受黑客攻击。 A free WAF that is sufficiently simple, effective, and powerful. Utilizing industry-leading semantic engine detection technology, it operates as a reverse proxy to protect your website from hacker attacks.

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

🔥 Web-application firewalls (WAFs) from security standpoint.

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX

My simple Swiss Army knife for http/https troubleshooting and profiling.

🛡️ Make your web services secure by default !

Padrino is a full-stack ruby framework built upon Sinatra.

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

🔥Open source RASP solution

Detect and bypass web application firewalls and protection systems

Collection of quality safety articles. Awesome articles.

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块

ModSecurity v3 Nginx Connector

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

Web interface for managing Haproxy, Nginx, Apache and Keepalived servers

Xash3D FWGS engine.

High-performance WAF built on the OpenResty stack