Best Open-source WAF & API Security tools

Explore curated open-source tools in the WAF & API Security category. Compare technologies, see alternatives, and find the right solution for your workflow.

6 projects · Page 1 of 1

BunkerWeb

Secure your web services by default with a flexible WAF

WAF & API Security

Stars: 9,502
License: AGPL-3.0
Last commit: 3 days ago

PythonActive

Coraza

High-performance Go-based WAF compatible with OWASP CRS v4

WAF & API Security

Stars: 3,095
License: Apache-2.0
Last commit: 4 days ago

GoActive

UUSEC WAF

Industrial‑grade AI‑powered WAF with zero‑day defense and scalable protection

WAF & API Security

Stars: 1,512
License: BSD-2-Clause
Last commit: 5 days ago

LuaActive

ModSecurity

High-performance, language-agnostic security engine for web traffic

WAF & API Security

Stars: 9,324
License: Apache-2.0
Last commit: 15 days ago

C++Active

Caddy WAF

Advanced, customizable WAF middleware for Caddy web server

WAF & API Security

Stars: 672
License: AGPL-3.0
Last commit: 16 days ago

GoActive

SafeLine

Self‑hosted WAF that shields web apps from attacks

WAF & API Security

Stars: 19,414
License: GPL-3.0
Last commit: 1 month ago

GoActive