Open Source Web Application Firewall

DEPRECATED

This repository started as a good idea but I didn't have enough time or desire to work on it. So, it's left here for historical / educational purposes, but be advised it's essentially dead code. If anyone else wants to fork and develop / maintain it, be my guest :)

Guardian Web Application Firewall

CircleCI Go Report Card

Guardian is the open source web application firewall based on ModSecurity SecRule format.

How it works!

Guardian locates in front of your web server and if incoming traffic valid then the Guardian passes it to the target server.

Diagram

Guardian Nameserver

Guardian Nameserver To route web traffic through the Guardian, update the nameservers at your domain registrar to resolve your domain’s DNS with Guardian's nameservers.

Guardian Dashboard

Guardian Dashboard To managing your rules and domains.

Docker

There is docker-compose.yml available. Builds the following apps using Dockerfiles.

  • db
    • Runs postgres image with default settings and guardiandb created in it.
  • guardian
    • Runs golang image then builds the waf from master branch. Listens 80 and 443 ports.
  • guardian_dashboard
    • Runs mcr.microsoft.com/dotnet/core/sdk:3.0 image then builds the dashboard app from master branch. Listens 8080 port.

TODO

  • General improvements & better testing
  • Usecase
Owner
Ahmet Salih
Ahmet Salih
https://github.com/asalih/guardian
Similar Resources

A Go Module to interact with Passbolt, a Open source Password Manager for Teams

go-passbolt A Go Module to interact with Passbolt, a Open source Password Manager for Teams This Module tries to Support the Latest Passbolt Community

Oct 29, 2022

BluePhish: Open-Source Phishing Toolkit (Direct Fork of GoPhish)

BluePhish: Open-Source Phishing Toolkit (Direct Fork of GoPhish)

BluePhish BluePhish: Open-Source Phishing Toolkit (Direct Fork of GoPhish) Gophish is an open-source phishing toolkit designed for businesses and pene

Jun 1, 2022

Gitrob: Putting the Open Source in OSINT

Gitrob: Putting the Open Source in OSINT

Gitrob: Putting the Open Source in OSINT Gitrob is a tool to help find potentially sensitive files pushed to public repositories on Github. Gitrob wil

Dec 28, 2022

An open source platform for inter-operable smart contracts which automatically execute

An open source platform for inter-operable smart contracts which automatically execute

CHT ❗️ For issue disclosure, check out SECURITY.md ❗️ Juno is an open source platform for inter-operable smart contracts which automatically execute,

Sep 21, 2022

CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.

CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.

depsdev CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security sig

May 11, 2023

Web-Security-Academy - Web Security Academy, developed in GO

Web-Security-Academy - Web Security Academy, developed in GO

Feb 23, 2022

This is simple repositry use to detect which port is open. It is a custom tool built in GO LANG.

dynamic-port-scanning-in-GO-lang This is simple repositry use to detect which port is open. It is a custom tool built in GO LANG. This is CUSTOM tool

Jan 25, 2022

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Lightweight static analysis for many languages. Find bugs and enforce code standards. Semgrep is a fast, open-source, static analysis tool that finds

Jan 9, 2023

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptograp

Dec 10, 2022
Comments
  • Execute response rule checks

    Execute response rule checks

    after the execution of the waf rules, we are transporting the request to the origin server. after getting response, we need execute rules for response.

Related tags
Security guardian
CrowdSec - an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global IP reputation database to protect the user network.
 CrowdSec - an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global IP reputation database to protect the user network.

?? Documentation ?? Configuration Hub ?? Discourse (Forum) ?? Gitter (Live chat) ?? This is a community driven project, we need your feedback. <TL;DR>

Jan 5, 2023
Coraza WAF is a golang modsecurity compatible web application firewall library
 Coraza WAF is a golang modsecurity compatible web application firewall library

Coraza Web Application Firewall, this project is a Golang port of ModSecurity with the goal to become the first enterprise-grade Open Source Web Application Firewall, flexible and powerful enough to serve as the baseline for many projects.

Jan 9, 2023
Akuma Scan comes with the purpose of scanning/detecting WAF (Web Application Firewall) on a certain website. Made to be easy, accurate and agile.

.m. ,_ ' ;M; ,;m ` ;M;.

Mar 21, 2022
zero-trust remote firewall instrumentation
 zero-trust remote firewall instrumentation

ShieldWall embraces the zero-trust principle and instruments your server firewall to block inbound connections from every IP on any port, by default.

Jan 1, 2023
Package for controlling the Windows firewall (aka Windows Filtering Platform, WFP)

wf What This is a package for controlling the Windows Filtering Platform (WFP), also known as the Windows firewall. See its docs: https://godoc.org/in

Dec 6, 2022
A Declarative Cloud Firewall Reverse Proxy Solution with Companion Mobile App
 A Declarative Cloud Firewall Reverse Proxy Solution with Companion Mobile App

A declarative Cloud firewall reverse proxy solution with inbuilt DDoS protection and alerting mechanism to protect your servers and keeping an eye on those malicious requests

Aug 10, 2022
go-opa-validate is an open-source lib that evaluates OPA (open policy agent) policy against JSON or YAML data.
 go-opa-validate is an open-source lib that evaluates OPA (open policy agent) policy against JSON or YAML data.

go-opa-validate go-opa-validate is an open-source lib that evaluates OPA (open policy agent) policy against JSON or YAML data. Installation Usage Cont

Nov 17, 2022
mesh-kridik is an open-source security scanner that performs various security checks on a Kubernetes cluster with istio service mesh and is leveraged by OPA (Open Policy Agent) to enforce security rules.
 mesh-kridik is an open-source security scanner that performs various security checks on a Kubernetes cluster with istio service mesh and is leveraged by OPA (Open Policy Agent) to enforce security rules.

mesh-kridik Enhance your Kubernetes service mesh security !! mesh-kridik is an open-source security scanner that performs various security checks on a

Dec 14, 2022
DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
 DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

Minify and Secure Docker containers (free and open source!) Don't change anything in your Docker container image and minify it by up to 30x making it

Dec 27, 2022
SingularityCE is the Community Edition of Singularity, an open source container platform designed to be simple, fast, and secure.

SingularityCE Guidelines for Contributing Pull Request Template Project License Documentation Support Citation SingularityCE is the Community Edition

Jan 5, 2023