Open Source Projects
Wallarm engineering and research teams continuously contribute to the community by releasing research, data and open-source tools that can be used as fundamental pieces in building the API and product security toolchains of modern enterprises.
API Firewall is a lightweight open-source firewall designed to protect your API endpoints in cloud-native environments through API schema validation. API Firewall relies on a positive security model: it allows calls that match the predefined API specification and rejects everything else. Technically, API Firewall is a reverse proxy with a built-in OpenAPI v3 request and response validator, written in Go, and optimized for extreme performance and near-zero added latency. First introduced in 2021, it has already amassed 1B+ pulls from Docker Hub.
Black Hat Arsenal presentation: Open-Source API Firewall: New Features & Functionalities
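To make the positive security model concrete, here is an added illustration (not code from the API Firewall project) of the core decision a request validator makes: a request is forwarded only when its method and path match a declared operation and every query parameter it carries is declared with the right type; anything else is dropped. The `Operation` type and the two-operation `Spec` are constructed stand-ins for a parsed OpenAPI v3 document.

```go
package main

import (
	"fmt"
	"net/http"
	"regexp"
	"strconv"
)

// Operation is a hypothetical stand-in for one OpenAPI v3 operation: its method,
// path template and declared query parameters (type "integer" or "string").
type Operation struct {
	Method, Path string
	Params       map[string]string
	re           *regexp.Regexp
}

// placeholder matches a "{name}" template segment after regexp.QuoteMeta has escaped it.
var placeholder = regexp.MustCompile(`\\\{[^/]+\\\}`)

// Compile anchors each path template, so "/users/{id}" matches "/users/42"
// but neither "/users" nor "/users/42/extra".
func Compile(ops []Operation) []Operation {
	for i := range ops {
		pat := placeholder.ReplaceAllLiteralString(regexp.QuoteMeta(ops[i].Path), "[^/]+")
		ops[i].re = regexp.MustCompile("^" + pat + "$")
	}
	return ops
}

// Validate is the positive model: a request passes only if an operation matches its
// method and path and every query parameter present is declared there with a value of
// the declared type. Unknown paths, methods and parameters are all rejected.
func Validate(ops []Operation, r *http.Request) error {
	for _, op := range ops {
		if op.Method != r.Method || !op.re.MatchString(r.URL.Path) {
			continue
		}
		for name, vals := range r.URL.Query() {
			typ, ok := op.Params[name]
			if !ok {
				return fmt.Errorf("undeclared query parameter %q", name)
			}
			if _, err := strconv.Atoi(vals[0]); typ == "integer" && err != nil {
				return fmt.Errorf("parameter %q must be an integer", name)
			}
		}
		return nil
	}
	return fmt.Errorf("no operation matches %s %s", r.Method, r.URL.Path)
}

// Spec is a constructed two-operation allowlist standing in for a real OpenAPI file.
var Spec = Compile([]Operation{
	{Method: "GET", Path: "/users/{id}", Params: map[string]string{"fields": "string"}},
	{Method: "GET", Path: "/users", Params: map[string]string{"limit": "integer"}},
})
```

In a reverse proxy, `Validate` would run in the handler in front of `httputil.ReverseProxy`, returning an error status instead of forwarding whenever it reports an error.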
GoTestWAF is an open-source API and OWASP attack simulation tool that evaluates web application security solutions, such as API security proxies, Web Application Firewalls (WAFs), Intrusion Protection Systems (IPS), API Gateways, and others. It supports different types of attacks and a wide range of API protocols including REST, GraphQL, gRPC, WebSockets, SOAP, XMLRPC, and others. Shipped as a Docker container, it produces a detailed PDF report showing the performance of the existing security solutions. There is also an online version of the tool.
Black Hat Arsenal presentation: GoTestWAF - well-known open-source WAF tester now supports API security hacking
Libdetection provides signature-free detection of payloads by applying syntax analysis and universal grammar theory. First introduced as a research project at Black Hat, this open-source library can be used to detect injections and command attacks such as SQLi and more – all without any signatures or attack samples.
JWT Heartbreaker is a Burp extension designed to find thousands of weak secrets automatically. The extension finds JWT tokens in all proxied HTTP requests and checks them for weak secrets. The extension, which is based on the JSON Web Tokens (JWT4B) extension, is available under a GPL license.
Portswigger article: JWT Heartbreaker offers remedy for weak JSON web tokens
OWASP Top-10 2022 Proposal
Wallarm supports OWASP and other organizations that have a significant impact on the software security space. Wallarm has provided ideas on how a statistical approach can be used to build the OWASP Top-10 list. This repository includes the code, data and calculation methodology. The analysis and recommendations are based on 4,640,807 public security reports and bulletins from more than 125 sources, including HackerOne bug bounty reports, CVE, NVD, and exploit collections.
Webinar: OWASP Top 10 2022 Predictions
Blog post: OWASP Top-10 2021. Statistics-based proposal
WallNet is an open-source bidirectional recurrent neural network with an attention mechanism, pooling layers, and a pipeline for Structured Query Language injection (SQLi) detection. It was developed using TensorFlow 1.11 and Python 3.6, and is designed to reduce false positives, which negatively impact DevSecOps workload and efficiency. It was demonstrated at BSidesSF, where the application of this methodology was illustrated and the implementation of AI-based false-positive detection for SQL injection attacks was detailed.
Video demonstration: Bye-Bye False Positives: Using AI to Improve Detection