Search Results for "firewalls"
Sort By:
Showing 240 open source projects for "firewalls"
View related business solutions-
Train ML Models With SQL You Already KnowBuild and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
ModSecurity
Cross platform web application firewall (WAF) engine for Apache
ModSecurity is an open-source, cross-platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language that provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web... -
2
Netmaker
Netmaker makes networks with WireGuard
...Netmaker is better, faster, and more secure. Netmaker automates a secure superhighway between devices, clouds, virtual machines, and servers using WireGuard. It blows past any NAT’s, firewalls, or subnets that stand between them. Devices are scattered across data centers, offices, clouds, clusters, and more. Distinct networks separate them, each with different management rules. Connecting machines across environments means setting up gateways, firewalls, and tunnels, often manually. -
3
WAF package for Laravel
Web Application Firewall (WAF) package for Laravel
This package intends to protect your Laravel app from different type of attacks such as XSS, SQLi, RFI, LFI, User Agent, and a lot more. It will also block repeated attacks and send notifications via email and/or slack when an attack is detected. Furthermore, it will log failed logins and block the IP after a number of attempts. Some middleware classes (i.e. Xss) are empty as the Middleware abstract class that they extend does all of the job, dynamically. In short, they all work. -
4
WAFW00F
WAFW00F allows one to identify and fingerprint Web App Firewall
The Web Application Firewall Fingerprinting Tool. Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is. If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks. For further details,... -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
5
ngx_waf
Handy, High performance, ModSecurity compatible Nginx firewall module
Handy, High-performance Nginx firewall module. Such as black and white list of IPs or IP range, uri black and white list, and request body black list, etc. Directives and rules are easy to write and readable. The IP detection is a constant-time operation. Most of the remaining inspections use caching to improve performance. Compatible with ModSecurity's rules, you can use OWASP ModSecurity Core Rule Set. Supports verifying Google, Bing, Baidu and Yandex crawlers and allowing them... -
6
Serverless Appsync Plugin
Serverless plugin for appsync
Deploy AppSync API's in minutes using this Serverless plugin. This plugin exports some handy variables that you can use in your yml files to reference some values generated by CloudFormation. This plugin adds some useful CLI commands. AppSync is currently using an older version of the Graphql Specs. This plugin intends to use modern schemas for future-proofing. Incompatibilities will either be dropped or attempted to be fixed. Old-style descriptions (using #) are supported by AppSync but... -
7
Open Source API Firewall by Wallarm
Fast and light-weight API proxy firewall for request and response
API Firewall is a high-performance proxy with API request and response validation based on OpenAPI/Swagger schema. It is designed to protect REST API endpoints in cloud-native environments. API Firewall provides API hardening with the use of a positive security model allowing calls that match a predefined API specification for requests and responses, while rejecting everything else. -
8
Pangolin
Identity-Aware Tunneled Reverse Proxy Server with Dashboard UI
Pangolin is an open-source, self-hosted tunneled reverse proxy server that brings identity-aware access control and dashboard management to exposing private services securely. It allows you to connect applications and resources behind firewalls or NATs to a central hub, using encrypted tunnels rather than opening public ports or relying entirely on VPNs. With Pangolin you can route traffic from across distributed networks, enforce contextual access rules (such as SSO, geolocation, time of day, IP restrictions), and manage all of your exposed resources in one dashboard. ... -
9
Tailscale
The easiest, most secure way to use WireGuard and 2FA
Tailscale is an open-source zero-configuration VPN and networking solution that makes it simple to create secure, private networks across devices by leveraging WireGuard under the hood. It lets users connect computers, servers, mobile devices, and cloud instances together with peer-to-peer encrypted tunnels without dealing with complex firewalls, NAT rules, or key distribution headaches. Instead of traditional VPN server infrastructure, Tailscale uses a coordination service to authenticate devices and exchange connection information, enabling automatic NAT traversal and minimal manual setup. The project includes a daemon (tailscaled) and a CLI tool that run on major operating systems, and it also forms the basis for the official clients on platforms like iOS and Android, though those have GUI wrappers not fully in this repository. -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
10
Tempesta FW
All-in-one solution for high performance web content delivery
Tempesta FW is an all-in-one open-source solution for high performance web content delivery and advanced protection against DDoS and web attacks. This is a drop-in-replacement for the whole web server frontend infrastructure: an HTTPS load balancer, a web accelerator, a DDoS mitigation system, and a web application firewall (WAF). Tempesta FW is the first and only hybrid of a Web accelerator and a multi-layer firewall. This unique architecture provides seamless integration with the Linux... -
11
socket.io
Realtime application framework (Node.JS server)
socket.io is a JavaScript library that allows for realtime, bi-directional communication between web clients and servers. It is composed of two parts: a Node.js server and a JavaScript client library that runs in the browser. socket.io is focused on both reliability and speed, delivering an immensely powerful, fast and yet easy to use realtime engine that’s used by just about everyone: from Microsoft Office and Zendesk to hackathon winners and small startups. It’s considered one of the... -
12
Lantern
Tool to access videos, messaging, and other popular apps
Can't access your favorite apps? Download Lantern to easily access videos, messaging, and other popular apps while at school or work. Lantern is an application that allows you to bypass firewalls to use your favorite applications and access your favorite websites. Lantern does not cooperate with any law enforcement in any country. Lantern encrypts all of your traffic to blocked sites and services to protect your data and privacy. Lantern passed multiple third party white box security audits to ensure security of our code. ... -
13
Narrowlink
A self-hosted solution to enable secure connectivity between devices
Narrowlink is a zero-config tunneling and reverse proxy solution that enables secure access to services behind firewalls or NATs without exposing public IPs. Unlike traditional tools like ngrok, Narrowlink is peer-to-peer and privacy-focused, using WireGuard and WebRTC to establish direct encrypted tunnels between peers. It is designed to make exposing local services simple, fast, and secure with no need for port forwarding or cloud relays. Narrowlink is ideal for developers, self-hosters, and remote teams looking for frictionless, encrypted connectivity. -
14
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of... -
15
NSmartProxy
NSmartProxy is an open source reverse proxy tool
NSmartProxy is a reverse proxy system that enables external access to devices or applications behind NAT/firewalls without requiring public IPs or router configuration. It’s designed to work with desktop and server apps, and includes a centralized SmartNode server that helps initiate and maintain tunnel connections. This makes it ideal for remote access to local services or self-hosted applications. NSmartProxy supports both TCP and UDP protocols, making it versatile for a wide range of network needs. -
16
bore
bore is a simple CLI tool for making tunnels to localhost
A modern, simple TCP tunnel in Rust that exposes local ports to a remote server, bypassing standard NAT connection firewalls. That's all it does, no more and no less. This will expose your local port at localhost:8000 to the public internet at bore.pub:<PORT>, where the port number is assigned randomly. Similar to localtunnel and ngrok, except bore is intended to be a highly efficient, unopinionated tool for forwarding TCP traffic that is simple to install and easy to self-host, with no frills attached. ... -
17
rallyup
rallyup is a lightweight Wake-On-LAN (WOL) scheduler
rallyup is a lightweight Wake-On-LAN (WOL) scheduler and dependency manager designed for small businesses and home labs. It ensures that infrastructure services like firewalls, storage, and hypervisors are brought online in the correct order, particularly after events like power outages. A typical setup involves configuring most of the infrastructure for WOL but not for Wake-On-Power, and setting rallyup to run on startup on a low-power device like a Raspberry Pi. When you need to bring the entire environment online, simply power on the device running rallyup, and the rest of the infrastructure will automatically follow in the correct order. -
18
FireHOL
A firewall for humans.
FireHOL is a language (and a program to run it) that builds secure, stateful firewalls from easy-to-understand, human-readable configurations. The configurations stay readable even for very complex setups. FireQOS is a program that sets up traffic shaping from an easy-to-understand and flexible configuration file. Both programs abstract away the differences between IPv4 and IPv6. so you can concentrate on the rules you want. -
19
Hyprspace
A Lightweight VPN Built on top of IPFS + Libp2p
...Libp2p is a networking library created by Protocol Labs that allows nodes to discover each other using a Distributed Hash Table. Paired with NAT hole punching this allows Hyprspace to create a direct encrypted tunnel between two nodes even if they're both behind firewalls. Moreover! Each node doesn't even need to know the other's ip address prior to starting up the connection. This makes Hyprspace perfect for devices that frequently migrate between locations but still require a constant virtual ip address. -
20
macOS-Security-and-Privacy-Guide
Community guide to securing and improving privacy on macOS
...It emphasizes a layered approach to security, highlighting that no single tool or technique can guarantee complete protection. The content includes step-by-step recommendations for configuring macOS features such as FileVault, firewalls, and system integrity protections. It also addresses broader topics such as secure browsing, communication tools, and data backup strategies. The guide is continuously updated to reflect modern security challenges and evolving threats. -
21
A to Z of Networking for DevOps
Learn Networking from A to Z at one place with realtime examples
...The guide breaks topics down into clear, digestible markdown files that include simple definitions, common use cases, and essential command-line examples, which makes the material approachable even if you are just starting out. It covers the full stack of networking concerns, such as DNS, HTTP/S protocols, load balancing, firewalls, VPNs, proxies, CDNs, and more, all with a practical orientation toward how these systems operate in real infrastructure. -
22
GeoIP
This project automatically generates GeoIP files in multiple formats
GeoIP is a community-maintained project that generates and publishes enhanced GeoIP/Geo-database and IP-location/routing data in multiple formats (e.g. V2Ray .dat, MaxMind .mmdb, and others) to support proxy, VPN, or routing tools requiring IP-to-country/region resolution. Rather than depending solely on the official GeoLite2 data, geoip augments and merges data sources (especially for certain regions) to improve coverage or tailor by use-case (e.g. proxy-specific rules, private networks, or... -
23
SMTP Tunnel Proxy
A high-speed covert tunnel that disguises TCP traffic as SMTP email
SMTP Tunnel Proxy is a high-speed covert tunneling proxy that disguises regular TCP traffic as legitimate SMTP email communication to evade deep packet inspection (DPI) firewalls and censorship systems. It implements a SOCKS5 proxy interface on the client that wraps outbound traffic into an SMTP-like handshake (EHLO, STARTTLS, AUTH) and encrypted payload, making the session appear to DPI systems as a normal email exchange. The tool supports modern TLS encryption (STARTTLS) with HMAC-SHA256 authentication, per-user secrets, IP whitelisting, and multiplexed connections over a single tunnel. ... -
24
cunicu
A zeroconf peer-to-peer mesh VPN using Wireguard
...Hence, it adopts the design goals of the WireGuard project, to be simple and easy to use. Thanks to Interactive Connectivity Establishment (ICE), cunīcu is capable of establishing direct connections between peers that are located behind NAT firewalls such as home routers. In situations where ICE fails, or direct UDP connectivity is not available, cunīcu falls back to using TURN relays to reroute traffic over an intermediate hop or encapsulate the WireGuard traffic via TURN-TCP. -
25
Network Flight Simulator
A utility to safely generate malicious network traffic patterns
flightsim is a lightweight utility used to generate malicious network traffic and help security teams to evaluate security controls and network visibility. The tool performs tests to simulate DNS tunneling, DGA traffic, requests to known active C2 destinations, and other suspicious traffic patterns.
