ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
☆9,520Updated this week
Alternatives and similar repositories for ModSecurity
Users that are interested in ModSecurity are comparing it to the libraries listed below
Sorting:
- ModSecurity v3 Nginx Connector☆1,813Feb 6, 2026Updated 3 weeks ago
- OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)☆2,488Jun 16, 2020Updated 5 years ago
- OWASP CRS (Official Repository)☆2,996Updated this week
- NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX☆4,824Nov 8, 2023Updated 2 years ago
- OWASP Coraza WAF is a golang modsecurity compatible web application firewall library☆3,305Updated this week
- ngx_lua_waf是一个基于lua-nginx-module(openresty)的web应用防火墙☆4,029Mar 17, 2024Updated last year
- High-performance WAF built on the OpenResty stack☆1,313Jan 31, 2024Updated 2 years ago
- Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.☆14,828Updated this week
- Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥☆7,372Aug 28, 2025Updated 5 months ago
- Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OIS…☆6,009Updated this week
- OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, roo…☆5,027Feb 9, 2026Updated 2 weeks ago
- Web security protection system based on openresty☆774Mar 30, 2021Updated 4 years ago
- Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.☆7,483Feb 21, 2026Updated last week
- 🔥Open source RASP solution☆2,951Oct 2, 2025Updated 4 months ago
- WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.☆6,186Jan 27, 2026Updated last month
- SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.☆20,736Nov 5, 2025Updated 3 months ago
- The ZAP by Checkmarx Core project☆14,775Feb 20, 2026Updated last week
- 使用Nginx+Lua实现的WAF(版本v1.0)☆1,451Aug 7, 2023Updated 2 years ago
- Nikto web server scanner☆10,111Feb 19, 2026Updated last week
- Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and sys…☆15,301Jan 28, 2026Updated 3 weeks ago
- JXWAF是一款基于AI大模型的Web应用防火墙☆1,199Feb 10, 2026Updated 2 weeks ago
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆32,138Feb 20, 2026Updated last week
- TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.☆25,359Jun 5, 2025Updated 8 months ago
- Pre-Built Vulnerable Environments Based on Docker-Compose☆20,278Feb 14, 2026Updated last week
- Metasploit Framework☆37,590Updated this week
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆27,194Updated this week
- Source Code Security Audit (源代码安全审计)☆3,186Sep 16, 2022Updated 3 years ago
- w3af: web application attack and audit framework, the open source web vulnerability scanner.☆4,851Feb 22, 2023Updated 3 years ago
- 适用于中小企业的云waf☆622Jan 22, 2018Updated 8 years ago
- The pattern matching swiss knife☆9,439Feb 10, 2026Updated 2 weeks ago
- This is a webshell open source project☆10,691Dec 24, 2024Updated last year
- lua waf,nginx+lua,openresty,luajit,waf+,cdn,nginx☆1,285Oct 10, 2021Updated 4 years ago
- Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices☆12,047Feb 21, 2026Updated last week
- 巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。☆3,596Apr 16, 2024Updated last year
- A little tool to play with Windows security☆21,281May 11, 2025Updated 9 months ago
- Daemon to ban hosts that cause multiple authentication errors☆17,023Feb 12, 2026Updated 2 weeks ago
- SQL / SQLI tokenizer parser analyzer☆1,026Oct 4, 2023Updated 2 years ago
- Automatic SQL injection and database takeover tool☆36,649Feb 17, 2026Updated last week
- High Performance Web Platform Based on Nginx and LuaJIT☆13,638Feb 9, 2026Updated 2 weeks ago