# Firewalls

# Defensive Security

# Firewall Hardware

  • Netgate - Open-source company that provides high-performance and affordable appliance and software-based firewall, VPN, and routing solutions.
  • UniFi - Full-Stack Networking. Home to Enterprise grade equipment.
  • Untangle - Network Security Framework provides cloud-managed security and connectivity.

# Firewall Software

  • ClearOS - Designed for use in small and medium enterprises as a network gateway.
  • Endian - A turn-key linux security distribution that makes your system a full featured security appliance.
  • ipfire - The Open Source Firewall. last-commit
  • OPNsense - Main repository for OPNsense core. See https://opnsense.org/ for more details and prebuilt images. last-commit
  • pfSense - Main repository for pfSense. Based on FreeBSD using the pf firewall. last-commit
  • Shorewall - Shorewall is a gateway/firewall configuration tool for GNU/Linux.
  • Sophos XG - Features full protection for your home network, including anti-malware, web security and URL filtering, application control, IPS, traffic shaping, VPN, reporting and monitoring, and much more.
  • VyOS - Open source router and firewall platform. last-commit

# Web Application Firewalls (WAF)

  • Lua Resty WAF - High-performance WAF built on the OpenResty stack. last-commit
  • ModSecurity - Open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. last-commit
  • Naxsi - Open-source, high performance, low rules maintenance WAF for NGINX. last-commit
  • Predator - Anti-Automation System. last-commit
  • Shadow Daemon - The Shadow Daemon web application firewall server. last-commit
  • Vulture - An open-source WAF.

# Offensive Security

  • Awesome WAF - Known Bypasses - Known WAF bypasses
  • Abuse SSL Bypass - Bypassing WAF by abusing SSL/TLS Ciphers. last-commit
  • FTW - Framework for Testing WAFs (FTW!). last-commit
  • gotestwaf - Test different WAF for detection logic and bypasses. last-commit
  • hakoriginfinder - Tool for discovering the origin host behind a reverse proxy. last-commit
  • IdentYwaf - Blind WAF identification tool. last-commit
  • Lightbulb Framework - Tools for auditing WAFS. last-commit
  • WAF Bench - Tool to measure the performance of WAF. last-commit
  • WAF Bypass - This script will search for DNS A history records and check if the server replies for that domain. last-commit
  • WAF Ninja - Tool which contains two functions to attack Web Application Firewalls. last-commit
  • WAF Tester - WAF Testing Tool. last-commit
  • wafw00f - Allows one to identify and fingerprint WAF products protecting a website. last-commit
  • WhatWaf - Detect and bypass web application firewalls and protection systems last-commit