serve as a reverse proxy to protect your web services from attacks and exploits.

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

🛡️ Open-source and next-generation Web Application Firewall (WAF)

🔥 Web-application firewalls (WAFs) from security standpoint.

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX

My simple Swiss Army knife for http/https troubleshooting and profiling.

Padrino is a full-stack ruby framework built upon Sinatra.

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

🔥Open source RASP solution

Detect and bypass web application firewalls and protection systems

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

Collection of quality safety articles. Awesome articles.

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

ModSecurity v3 Nginx Connector

Xash3D FWGS engine

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

Web interface for managing Haproxy, Nginx, Apache and Keepalived servers

Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块

Modified source engine (2017) developed by valve and leaked in 2020. Not for commercial purporses