web-application-firewall
Enterprise-grade open source web application firewall library. Coraza is an open source, high performance, Web Application Firewall ready to protect your beloved applications.
Check your WAF before an attacker does.
WAF Bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by the Nemesida WAF team with the participation of the community.
Real-time HTTP Intrusion Detection.
teler is a real-time intrusion detection and threat alert tool based on web logs that runs in a terminal, with resources that we collect and that are provided by the community. ❤️
Open source and next generation Web Application Firewall.
BunkerWeb is a next-generation and open-source Web Application Firewall (WAF).
Automatic Open Source WAF & API Security.
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs.
The Best WAF for Webmaster. Secure Everything on Your Web Applications. A simple, lightweight, self-hosted WAF that protects your website from cyber attacks.
Serves as a reverse proxy to protect your web services from attacks and exploits.
Automated OWASP CRS and Bad Bot Detection for Caddy, Nginx, Apache, Traefik and HaProxy.
Automate the scraping of OWASP Core Rule Set (CRS) patterns and convert them into Apache, Nginx, Caddy, Traefik, and HAProxy WAF configurations. Additionally, Bad Bot/User-Agent detection is integrated to block malicious web crawlers and scrapers.
Elevate Your Linux Server Security with all-in-one AI-Driven Security.
Server security suite managed from a centralized dashboard containing an AI-powered Linux malware scanner, robust IP reputation, advanced WAF, and a dynamic defense network.
This is a tarpit intended to catch web crawlers. Specifically, it's targeting crawlers that scrape data for LLMs - but really, like the plants it is named after, it'll eat just about anything that finds its way inside.
It works by generating an endless sequence of pages, each with dozens of links, that simply go back into the tarpit. Pages are randomly generated, but in a deterministic way, causing them to appear to be flat files that never change. Intentional delay is added to prevent crawlers from bogging down your server, in addition to wasting their time. Lastly, optional Markov-babble can be added to the pages, to give the crawlers something to scrape up and train their LLMs on, hopefully accelerating model collapse.
Anubis: self hostable scraper defense software.
Weighs the soul of incoming HTTP requests using proof-of-work to stop AI crawlers.
Related contents:
- Block AI scrapers with Anubis @ Xe.
- Episode 146: When AI Attacks @ Self-Hosted.
- The surreal joy of having an overprovisioned homelab @ Xe.
- Open source devs are fighting AI crawlers with cleverness and vengeance @ TechCrunch.
- [Anubis] Utiliser la preuve de travail pour bloquer les robots @ Pofilo.fr :fr:.
- The Day Anubis Saved Our Websites From a DDoS Attack @ fabulous.systems.
- Protéger tous ses sites avec Anubis @ Dryusdan.space 🚀.
- A thought on JavaScript "proof of work" anti-scraper systems @ Wandering Thoughts.
- Anubis - Protégez votre site web contre les scrapers IA en moins de 15 minutes @ Korben :fr:.
- Ask HN: How to stop an AWS bot sending 2B requests/month? @ Hacker News.
- Comment protéger vos serveurs et lutter efficacement contre les crawlers d’IA @ Bearstech :fr:.
Don't hit the south wall, don't turn back. An industry-leading free, high-performance, AI and semantic technology web application and API security protection product.
UUSEC WAF Web Application Firewall is an industrial grade free, high-performance, and highly scalable web application and API security protection product that supports AI and semantic engines. It is a comprehensive website protection product launched by UUSEC Technology, which first realizes the three-layer defense function of traffic layer, system layer, and runtime layer.
Link-based access control for Immich, NextCloud and Paperless. After verifying a URL "knock" on a share link, Sneak Link issues a cookie that grants access to a protected service. No IP whitelisting required.
NOVA: The Prompt Pattern Matching. NOVA is a Python-based tool for detecting adversarial prompts - prompt injections, exfiltration, evasion and TTPs.
NOVA is an open-source prompt pattern matching system combining keyword detection, semantic similarity, and LLM-based evaluation to analyze and detect prompt content.
Your Complete Security Operations Platform
Open-source SIEM, CSPM, WAF, and threat intelligence. From git clone to running security scans in just 5 minutes. No vendor lock-in. No complex setup.
Security proxy for AI agents. Scans every message for prompt injection, PII, and secrets. Defense-in-depth: Go proxy + iptables firewall + eBPF kernel monitor. YAML policy engine, audit logging, 5 AI agents with RAG knowledge bases.
Security proxy for AI agents. Sits in front of OpenClaw and scans every message for prompt injection, PII leaks, and secrets — before they reach the model or leave the network.
Anti-scraper challenge for haproxy to stop naughty AI bots.
This is a simple anti-scraper solution for haproxy, using a "hashcash" challenge similar to the one Anubis uses. The goal is to be as simple as possible, so this can be implemented alongside other haproxy rules to control traffic.