Best Open-source WAF & API Security tools

Explore curated open-source tools in the WAF & API Security category. Compare technologies, see alternatives, and find the right solution for your workflow.

6 projects · Page 1 of 1

Coraza

High-performance Go-based WAF compatible with OWASP CRS v4

WAF & API Security

Stars: 3,205
License: Apache-2.0
Last commit: 14 hours ago

GoActive

BunkerWeb

Secure your web services by default with a flexible WAF

WAF & API Security

Stars: 9,819
License: AGPL-3.0
Last commit: 22 hours ago

PythonActive

ModSecurity

High-performance, language-agnostic security engine for web traffic

WAF & API Security

Stars: 9,454
License: Apache-2.0
Last commit: 3 days ago

C++Active

UUSEC WAF

Industrial‑grade AI‑powered WAF with zero‑day defense and scalable protection

WAF & API Security

Stars: 1,561
License: BSD-2-Clause
Last commit: 3 days ago

LuaActive

Caddy WAF

Advanced, customizable WAF middleware for Caddy web server

WAF & API Security

Stars: 713
License: AGPL-3.0
Last commit: 3 days ago

GoActive

SafeLine

Self‑hosted WAF that shields web apps from attacks

WAF & API Security

Stars: 20,151
License: GPL-3.0
Last commit: 2 months ago

GoActive