Open Source ChromeOS Firewall Software

The UPnP PortMapper can be used to easily manage the port mappings/port forwarding of a UPnP enabled internet gateway/router in the local network.

Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances.

The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. The project ships with extensive documentation, exclusion packages, and testing tools to help tailor deployment for frameworks, CDNs, and APIs. Deployed on engines such as ModSecurity or compatible WAFs, CRS is a widely used baseline for HTTP security in reverse proxies and gateways.

A java wrapper for popular "libpcap" and "WinPcap" libraries. Accurate full API translation. Packet buffers delivered with no copies. Send custom packets, gather statistics. Comprehensive and easily extensible DPI engine.

BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.

360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses CIDR and text filters to split rulebases / policies into target sections and identify connectivity for further analysis. 360-FAAR supports, policy to log association, object translation, rulebase reordering and simplification, rule moves and duplicate matching automatically. Allowing you to move rules to where you need them. Build new rulebases from scratch with a single 'any' rule and log files, with the 'res' and 'name' options. Switch into DROPS mode to analyse drop log entries.

Enables tunneling of network connections through restrictive HTTP proxies. Features: Portmapping, SOCKS4, SOCKS5, web-based admin interface, possibility to use standalone server (perl) or hosted server (PHP), optional authorization from LDAP or MySQL

A client for the MikroTik RouterOS API protocol, written in PHP. Easy, tested and documented. All feedback welcomed.

This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video: http://goo.gl/dSiAL Hakin9 IT Security Magazine Article about IOSEC http://goo.gl/aQM4Di (different format -> http://goo.gl/JKMUPN) IJNSA Article at http://goo.gl/LLxRdX WP Plugin Page http://goo.gl/nF5nD CHANGES v.1.8.2 - Iptables Auto Ban Bash Script Included - Token Access via Implicit Deny - Reverse Proxy Support - reCAPTCHA Support Do you want more features? Check for third party addons http://sf.net/projects/iosecaddons Gökhan Muharremoğlu

VTD-XML is the next generation XML parser/indexer/editor/slicer/assembler/xpath-engine that goes beyond DOM, SAX and PULL in performance, memory usage, and ease of use.

SonicReader is used to view and save reports of the internals of a Sonicwall Configuration file. This is useful for those people that wish to know the settings within their saved Sonicwall Configs. I have no affiliation with Dell Sonicwall. Please do not contact Dell Sonicwall regarding the use of this program.

JWall is not just a java gui for iptables. JWall is a multi firewall management client. A secure rulebase can be built with graphical objects. Rulesets can be pushed to remote firewalls (via ssh). The remote firewall just needs to be Linux with sshd

IOSEC PHP HTTP FLOOD PROTECTION ADDONS IOSEC is a php component that allows you to simply block unwanted access to your webpage. if a bad crawler uses to much of your servers resources iosec can block that. IOSec Enhanced Websites: https://www.artikelschreiber.com/en/ https://www.unaique.net/en/ https://www.unaique.com/ https://www.artikelschreiber.com/marketing/ https://www.paraphrasingtool1.com/ https://www.artikelschreiben.com/ https://www.buzzerstar.com/ https://iosecaddons.sourceforge.io/ https://www.artikelschreiber.com/opensource/ https://www.sebastianenger.com/ Added Setup Instructions for Wordpress Content Management System. Added Facebook Bot Support for "Facebot/1.0". Add this code to your website to prevent unauthorized stealing of your valuable content & block malicious bots from crawling your site.

ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

AMaViS is a script that interfaces a mail transport agent (MTA) with virus scanners.

WarpTunnel is a porting of http tunnel 3.3 from C into .NET C# platform. WarpTunnel creates a bidirectional virtual data path tunnelled in HTTP requests through firewall or proxy servers.Support DIGEST proxy & SOCKS4/4a/5.Client for Compact Framework 2.0

SOCKS Server and Library for Java. Support for versions 4 and 5 of SOCKS protocol. Designed to be easily expandable to support different encryption/authentication/authorization methods. Sample server and client are available.

HTTP Tunnel that works with ANY HTTP proxy: no CONNECT method required! You can use the port redirector or Socks 4/4a/5 to connect outside your (restricted) LAN. An external web server is required, to be used as gateway.

PySocks - a platform independent SOCKS proxy written in Python Do you share an DSL or cable connection between several computers? With PySocks you'll be able to use all features of ICQ, MIRC, Napster and such again!

CartoReso intends to facilitate enterprise computer network mapping.

Flexible web-based firewall log analyzer, supporting netfilter and ipfilter, ipfw, ipchains, cisco routers and Windows XP system logs, and mysql or postgresql database logs using the iptables ULOG or NFLOG target of netfilter others mapped to the ulogd format with a view. Fully supports IPv6 for database logs, and netfilter and ipfilter system file logs. Also supports Maxmind's GeoIP version 2 location databases. For Linux, FreeBSD, OpenBSD, Solaris, OSX,etc.

The Firewall Tester is a tool designed for testing firewalls' filtering policies. It includes an Intrusion Detection System testing feature, along with a packet generator tool and a sniffer. Unlike common firewall testing tools or packet generators, fte

IceIDS is heuristic Network Intrusion Detection System (NIDS) based on calculating Student's distributions of network traffic.

Forwards non-NTLM HTTP client requests to an NTLM proxy server (ie. Microsoft IAS). Can also forward a local port to a remote machine.

Nuri is a pool of functions useful in complex network&devices management, almost tied on Cisco HW. She will help you in analysis and maintenance of very huge configs and/or topological complex networks. have fun. $witch