ENNAENNA

BunkerWeb

AGPL-3.0

๐Ÿ•ธ Web Scanning ยท Python

BunkerWeb is an open-source WAF built on top of NGINX that provides automatic security hardening for web applications. It integrates seamlessly via Docker, Kubernetes, Linux packages, or as a reverse proxy. BunkerWeb includes ModSecurity with OWASP Core Rule Set, automatic TLS via Let's Encrypt, bot detection, rate limiting, IP reputation blocking, country-based access control, and anti-DDoS protections. Its plugin system allows extending functionality with custom Lua scripts. Configuration is managed through a web UI or API.

10.4kstars
586forks
194issues
Updated today
+I use this
View on GitHubOfficial Website

Installation

$ docker pull bunkerity/bunkerweb

Use Cases

  • Deploying a WAF in front of web applications
  • Automated TLS certificate management
  • Bot detection and IP reputation filtering
  • Rate limiting and DDoS mitigation

Tags

wafweb-securitynginxreverse-proxyddos-protectionbot-detectionantibotcybersecuritydevopsdevsecopsdnsbldockerhardeninghostingkubernetesletsencryptmodsecuritysecuritysecurity-tuningswarmwaapweb-application-firewall

Details

Category
๐Ÿ•ธ Web Scanning
Language
Python
License
AGPL-3.0
Platforms
๐Ÿงlinux๐ŸŽmacos๐ŸชŸwindows

Links

GitHub Repository

github.com/bunkerity/bunkerweb

Official Website

www.bunkerweb.io

Releases

github.com/bunkerity/bunkerweb/releases

Issues

github.com/bunkerity/bunkerweb/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Community Reviews

Alternatives & Comparisons

wafw00f

Python

Identify and fingerprint Web Application Firewall products protecting a site.

Compare BunkerWeb vs wafw00f

CrowdSec

Go

Collaborative open-source IPS with crowd-sourced threat intelligence sharing.

Compare BunkerWeb vs CrowdSec

More in Web Scanning

httpx

Go

Fast multi-purpose HTTP toolkit. Probes for running HTTP servers with retries and fallbacks.

http-probetech-detectionprojectdiscovery

Nikto

Perl

Classic web server scanner. Tests for dangerous files, outdated server software, and version-specific problems.

web-serverclassiccgi-scan

Gobuster

Go

Directory/file, DNS, and vhost busting tool. Brute-forces URIs, DNS subdomains, virtual host names, and S3 buckets.

directory-brutedns-brutevhost

Feroxbuster

Rust

Fast, recursive content discovery tool written in Rust. Like gobuster on steroids with auto-recursion.

directory-bruterecursiverust

Burp Suite Community

Java

Web vulnerability scanner and proxy. Intercept, modify, and replay HTTP/S traffic for web app testing.

proxyweb-appinterceptor

ffuf

Go

Fast web fuzzer written in Go. Fuzz anything - URLs, headers, POST data - with blazing speed.

fuzzingdirectory-brutefast