Best Open-source WAF & API Security tools

Explore curated open-source tools in the WAF & API Security category. Compare technologies, see alternatives, and find the right solution for your workflow.

7 projects · Page 1 of 1

Coraza

High-performance Go-based WAF compatible with OWASP CRS v4

WAF & API Security

Stars: 3,328
License: Apache-2.0
Last commit: 15 hours ago

GoActive

BunkerWeb

Secure your web services by default with a flexible WAF

WAF & API Security

Stars: 10,110
License: AGPL-3.0
Last commit: 1 day ago

PythonActive

Anubis

Lightweight web firewall that blocks AI scrapers with challenge tests

WAF & API Security

Stars: 17,522
License: MIT
Last commit: 6 days ago

GoActive

UUSEC WAF

Industrial‑grade AI‑powered WAF with zero‑day defense and scalable protection

WAF & API Security

Stars: 1,604
License: BSD-2-Clause
Last commit: 6 days ago

LuaActive

ModSecurity

High-performance, language-agnostic security engine for web traffic

WAF & API Security

Stars: 9,540
License: Apache-2.0
Last commit: 13 days ago

C++Active

Caddy WAF

Advanced, customizable WAF middleware for Caddy web server

WAF & API Security

Stars: 740
License: AGPL-3.0
Last commit: 13 days ago

GoActive

SafeLine

Self‑hosted WAF that shields web apps from attacks

WAF & API Security

Stars: 20,811
License: GPL-3.0
Last commit: 4 months ago

GoStable