Search Results for "firewall rule analyzer"
Sort By:
Showing 77 open source projects for "firewall rule analyzer"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
The All-in-One Commerce Platform for Businesses - ShopifyShopify is a leading all-in-one commerce platform that enables businesses to start, build, and grow their online and physical stores. It offers tools to create customized websites, manage inventory, process payments, and sell across multiple channels including online, in-person, wholesale, and global markets. The platform includes integrated marketing tools, analytics, and customer engagement features to help merchants reach and retain customers. Shopify supports thousands of third-party apps and offers developer-friendly APIs for custom solutions. With world-class checkout technology, Shopify powers over 150 million high-intent shoppers worldwide. Its reliable, scalable infrastructure ensures fast performance and seamless operations at any business size.
-
1
MemProcFS Analyzer
Automated Forensic Analysis of Windows Memory Dumps for DFIR
MemProcFS-Analyzer is a forensic analysis toolset that builds on the MemProcFS virtual filesystem to make volatile memory artefacts easier to browse and interpret. By exposing process memory, kernel objects, and derived artifacts as regular files, the framework lets analysts use familiar filesystem operations and standard tools (editors, grep, diff) to explore memory snapshots. The Analyzer layer adds higher-level parsing and extraction routines—for example, carving strings, locating injected... -
2
OpenWrt PassWall
OpenWRT plugin that provides proxy routing management
openwrt-passwall is a comprehensive OpenWRT plugin that provides proxy routing management for internet traffic. It integrates with various tools and protocols like Shadowsocks, V2Ray, XRay, and Trojan to bypass censorship and optimize network performance. Designed for advanced users and network administrators, Passwall features a full-featured web UI and dynamic rules for routing and DNS control. -
3
LuLu
LuLu is the free open-source macOS firewall
LuLu is a free, open-source firewall for macOS developed by Objective-See. It blocks unauthorized outgoing network connections, allowing users to monitor and control which applications can transmit data externally. Designed for privacy and security, LuLu provides real-time prompts, rule-based filtering, and an intuitive interface, making it a valuable tool for Mac users seeking visibility over their system’s network behavior. -
4
OpenSnitch
OpenSnitch is a GNU/Linux port of the Little Snitch firewall
OpenSnitch is a GNU/Linux port of the Little Snitch firewall. You can launch the GUI from the icon or from the system menu. The daemon will start intercepting connections, prompting you to allow or deny them. If you don't apply an action, after 15 seconds (configurable) it'll apply the default action configured. When you open the GUI, you'll see all the connections and processes that the daemon has intercepted. Double click on a row to view the details of a process, rule, host or user. Once you... -
Simple, Secure Domain RegistrationRegister or renew your domain and pay only what we pay. No markups, hidden fees, or surprise add-ons. Choose from over 400 TLDs (.com, .ai, .dev). Every domain is integrated with Cloudflare's industry-leading DNS, CDN, and free SSL to make your site faster and more secure. Simple, secure, at-cost domain registration.
-
5
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks... -
6
Nipe
An engine to make Tor network your default gateway
Nipe is a Perl-based engine whose primary aim is to make the Tor network act as the default gateway for outgoing traffic. In practice, it configures system firewall rules (iptables) and network routing so that almost all IPv4 traffic is redirected through Tor. The tool provides commands such as install, start, stop, restart, and status to manage its behavior. When “start” is issued, it sets up the necessary rules; when “stop” is used, it attempts to remove those rules. Nipe currently operates... -
7
ProxySQL
A high-performance MySQL proxy
ProxySQL is an open source, high performance, high availability, database protocol-aware proxy for MySQL. It was created due to a lack of high performance open source proxies, and is able to scale millions of connections across hundreds of thousands of backend servers, all while getting the freedom of being open source. ProxySQL provides end-to-end MySQL connection handling, real-time statistics and database traffic inspection. It's got failover detection, rich query rule definitions... -
8
Code Quality and Security for C#
Code analyzer for C# and VB.NET projects
... includes thousands of rules covering various issue categories and language standards. Open the rule in SonarQube / SonarCloud, scroll down and (in case the rule has parameters), you can configure the parameters for each Quality Profile the rule is part of. Standalone NuGet packages can be configured the same way as SonarLint in connected mode. -
9
AzureAD Attack Defense
This publication is a collection of various common attack scenarios
AzureAD-Attack-Defense is a community-maintained playbook that collects common attack scenarios against Microsoft Entra ID (formerly Azure Active Directory) together with detection and mitigation guidance. The repository is organized into focused chapters — for example: Password Spray, Consent Grant, Service Principals in Azure DevOps, Entra Connect Sync Service Account, Replay of Primary Refresh Token (PRT), Entra ID Security Config Analyzer, and Adversary-in-the-Middle — each written... -
Level Up Your Cyber Defense with External Threat ManagementMove beyond alerts. Gain full visibility, context, and control over your external attack surface to stay ahead of every threat.
-
10
ngx_waf
Handy, High performance, ModSecurity compatible Nginx firewall module
Handy, High-performance Nginx firewall module. Such as black and white list of IPs or IP range, uri black and white list, and request body black list, etc. Directives and rules are easy to write and readable. The IP detection is a constant-time operation. Most of the remaining inspections use caching to improve performance. Compatible with ModSecurity's rules, you can use OWASP ModSecurity Core Rule Set. Supports verifying Google, Bing, Baidu and Yandex crawlers and allowing them automatically... -
11
ModSecurity Nginx Connector
ModSecurity v3 Nginx Connector
ModSecurity-nginx is the connector that embeds the ModSecurity v3 (libmodsecurity) web application firewall engine into NGINX. It integrates WAF processing into the NGINX request/response phases, allowing rules to inspect headers, bodies, and even streaming request data before it reaches upstream apps. Operators can load the OWASP Core Rule Set or custom rules to detect and block common attacks such as SQLi, XSS, RCE patterns, and protocol anomalies. The module exposes directives for enabling... -
12
Application Inspector
A source code analyzer built for surfacing features of interest
... and more and has received industry attention as a new and valuable contribution to OSS on ZDNet, SecurityWeek, CSOOnline, Linux.com/news, HelpNetSecurity, Twitter and more and was first featured on Microsoft.com. Application Inspector is different from traditional static analysis tools in that it doesn't attempt to identify "good" or "bad" patterns; it simply reports what it finds against a set of over 400 rule patterns for feature detection including features that impact security. -
13
Web-based Firewall Log Analyzer
Firewall log analyzer
Flexible web-based firewall log analyzer, supporting netfilter and ipfilter, ipfw, ipchains, cisco routers and Windows XP system logs, and mysql or postgresql database logs using the iptables ULOG or NFLOG target of netfilter others mapped to the ulogd format with a view. Fully supports IPv6 for database logs, and netfilter and ipfilter system file logs. Also supports Maxmind's GeoIP version 2 location databases. For Linux, FreeBSD, OpenBSD, Solaris, OSX,etc. -
14
FancySS
fancyss is a project for bypassing the Great Firewall (GFW)
Fancyss is a “scientific Internet access / bypassing censorship” toolkit targeted principally to Asus routers running AsusWRT or Merlin-based firmware. The project provides a plugin suite (with “software center” integration) so that home routers can run proxy or tunneling tools (e.g. V2Ray) to circumvent firewall or censorship (“GFW” in the Chinese context). Because it integrates into the router’s firmware environment, fancyss automates configuration, routing, and firewall rules to minimize... -
15
UUSEC WAF
AI and semantic technology Web Application Firewall
UUSEC WAF Web Application Firewall is an industrial grade free, high-performance, and highly scalable web application and API security protection product that supports AI and semantic engines. It is a comprehensive website protection product launched by UUSEC Technology, which first realizes the three-layer defense function of traffic layer, system layer, and runtime layer. -
16
boundman
Add rule to windows firewall to block inbound and outbound traffic
Boundman is an advanced, user-friendly, and sleek application designed to take control over your network connections. It allows you to efficiently manage and block incoming and outgoing traffic for specific .exe files contained within a chosen folder and its subfolders. With its intuitive PyQt5 graphical interface and robust PowerShell scripts, Boundman provides seamless integration with the Windows Firewall for a powerful network management experience. -
17
Lexical Analyzer Generator Quex
Generator of lexical analyzers in C and C++. Unicode Supported.
The goal of this project is to provide a generator for lexical analyzers of maximum computational efficiency and maximum range of applications. This includes the support for Unicode (UTF8, UTF16, ...) and a large variety of other encodings directly and via nested converters such as ICU(tm) and IConv. Sophisticated buffer handling allows to operate on plain file streams, on sockets, or manually fed buffer content. 'Ready-to-build' examples explain related concepts and facilitate practical... -
18
sWAF
A simple Web Application Firewall docker image
sWAF is a simple Web Application Firewall docker image, pre-configured to be easily used within your web services architecture. It runs NGINX as a dedicated reverse proxy embedding powerful WAF engines: ModSecurity 3, using OWASP® ModSecurity Core Rule Set (CRS) rules, and NAXSI. It uses acme.sh for Let's Encrypt and other free CA support. A lot of people are self-hosting their own cloud infrastructure (using Nextcloud, Synology, QNAP, a cloud lease server or home-made solutions...), but we can... -
19
IP-Array
An iptables IPv4 firewall and traffic shaping program
A Linux IPv4 iptables firewall and traffic shaper. It allows flexible rule creation, while also shipping with presets for common needs. Rules are written in simple XML, allowing various ways to group and nest the arguments. An interactive mode is available in order to build configuration files in a wizard based manner. Extensive documentation is also included. -
20
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly... -
21
Ethlint
(Formerly Solium) Code quality & Security Linter for Solidity
Ethlint (Formerly Solium) analyzes your Solidity code for style & security issues and fixes them. Standardize Smart Contract practices across your organization. Integrate with your build system. Deploy with confidence! Solium does not strictly follow Solidity Style Guide. The practices it enforces by default are best practices for the community at large. If you’re using vim with syntastic, and prefer to use a locally installed version of Solium (rather than a global version), you can install... -
22
WinFire
Create and delete block rules for the Windows firewall
... that the block rule is enabled. Remember that a WinFire prefix firewall rule is always a block rule. "...Windows Firewall\Allowed Programs" doesn't show what is a block or allow rule. Use "Windows Firewall with Advanced Security". WinFire (this tool) has no affiliation with Microsoft, Microsoft's subsidiaries or any other product using the name or part thereof 'WinFire'. -
23
Vuurmuur is a powerful firewall manager for Linux/iptables. Vuurmuur supports traffic shaping and live monitoring. It has an easy to learn configuration that allows both simple and complex configurations, and can be fully configured through the Ncurses GUI. Vuurmuur supports NAT, Port Forwarding and has IPv6 support.
-
24
lua-resty-waf
High-performance WAF built on the OpenResty stack
lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. Because it runs... -
25
360-FAAR Firewall Analysis Audit Repair
360-FAAR Analyze FW1 Cisco Netscreen Policy Offline Using Config/Logs
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses...
