Open Source Web Application Firewall

Related tags

Security guardian
Overview

DEPRECATED

This repository started as a good idea but I didn't have enough time or desire to work on it. So, it's left here for historical / educational purposes, but be advised it's essentially dead code. If anyone else wants to fork and develop / maintain it, be my guest :)

Guardian Web Application Firewall

CircleCI Go Report Card

Guardian is the open source web application firewall based on ModSecurity SecRule format.

How it works!

Guardian locates in front of your web server and if incoming traffic valid then the Guardian passes it to the target server.

Diagram

Guardian Nameserver

Guardian Nameserver To route web traffic through the Guardian, update the nameservers at your domain registrar to resolve your domain’s DNS with Guardian's nameservers.

Guardian Dashboard

Guardian Dashboard To managing your rules and domains.

Docker

There is docker-compose.yml available. Builds the following apps using Dockerfiles.

  • db
    • Runs postgres image with default settings and guardiandb created in it.
  • guardian
    • Runs golang image then builds the waf from master branch. Listens 80 and 443 ports.
  • guardian_dashboard
    • Runs mcr.microsoft.com/dotnet/core/sdk:3.0 image then builds the dashboard app from master branch. Listens 8080 port.

TODO

  • General improvements & better testing
  • Usecase
You might also like...
A Go Module to interact with Passbolt, a Open source Password Manager for Teams

go-passbolt A Go Module to interact with Passbolt, a Open source Password Manager for Teams This Module tries to Support the Latest Passbolt Community

BluePhish: Open-Source Phishing Toolkit (Direct Fork of GoPhish)
BluePhish: Open-Source Phishing Toolkit (Direct Fork of GoPhish)

BluePhish BluePhish: Open-Source Phishing Toolkit (Direct Fork of GoPhish) Gophish is an open-source phishing toolkit designed for businesses and pene

 Gitrob: Putting the Open Source in OSINT
Gitrob: Putting the Open Source in OSINT

Gitrob: Putting the Open Source in OSINT Gitrob is a tool to help find potentially sensitive files pushed to public repositories on Github. Gitrob wil

An open source platform for inter-operable smart contracts which automatically execute
An open source platform for inter-operable smart contracts which automatically execute

CHT ❗️ For issue disclosure, check out SECURITY.md ❗️ Juno is an open source platform for inter-operable smart contracts which automatically execute,

Web-Security-Academy - Web Security Academy, developed in GO

Web-Security-Academy - Web Security Academy, developed in GO

This is simple repositry use to detect which port is open. It is a custom tool built in GO LANG.

dynamic-port-scanning-in-GO-lang This is simple repositry use to detect which port is open. It is a custom tool built in GO LANG. This is CUSTOM tool

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Lightweight static analysis for many languages. Find bugs and enforce code standards. Semgrep is a fast, open-source, static analysis tool that finds

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptograp

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Comments
  • Execute response rule checks

    Execute response rule checks

    after the execution of the waf rules, we are transporting the request to the origin server. after getting response, we need execute rules for response.

    opened by asalih 2
Owner
Ahmet Salih
Ahmet Salih
crowdsec 5.6k Sep 20, 2022
Coraza WAF is a golang modsecurity compatible web application firewall library

Coraza Web Application Firewall, this project is a Golang port of ModSecurity with the goal to become the first enterprise-grade Open Source Web Application Firewall, flexible and powerful enough to serve as the baseline for many projects.

Juan Pablo Tosso 666 Sep 23, 2022
zero-trust remote firewall instrumentation

ShieldWall embraces the zero-trust principle and instruments your server firewall to block inbound connections from every IP on any port, by default.

Simone Margaritelli 177 Sep 20, 2022
Package for controlling the Windows firewall (aka Windows Filtering Platform, WFP)

wf What This is a package for controlling the Windows Filtering Platform (WFP), also known as the Windows firewall. See its docs: https://godoc.org/in

inet.af 46 Aug 15, 2022
A Declarative Cloud Firewall Reverse Proxy Solution with Companion Mobile App

A declarative Cloud firewall reverse proxy solution with inbuilt DDoS protection and alerting mechanism to protect your servers and keeping an eye on those malicious requests

null 14 Aug 10, 2022
go-opa-validate is an open-source lib that evaluates OPA (open policy agent) policy against JSON or YAML data.

go-opa-validate go-opa-validate is an open-source lib that evaluates OPA (open policy agent) policy against JSON or YAML data. Installation Usage Cont

chenk 5 Feb 5, 2022
mesh-kridik is an open-source security scanner that performs various security checks on a Kubernetes cluster with istio service mesh and is leveraged by OPA (Open Policy Agent) to enforce security rules.

mesh-kridik Enhance your Kubernetes service mesh security !! mesh-kridik is an open-source security scanner that performs various security checks on a

chenk 22 Aug 28, 2022
DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

Minify and Secure Docker containers (free and open source!) Don't change anything in your Docker container image and minify it by up to 30x making it

docker-slim 15.1k Oct 1, 2022
SingularityCE is the Community Edition of Singularity, an open source container platform designed to be simple, fast, and secure.

SingularityCE Guidelines for Contributing Pull Request Template Project License Documentation Support Citation SingularityCE is the Community Edition

Sylabs Inc. 324 Sep 30, 2022