uusec-waf  by Safe3

WAAP for web application and API security, using AI and semantic tech

created 2 years ago
1,361 stars

Top 30.2% on sourcepulse

Project Summary

UUSEC WAF is a free, high-performance Web Application Firewall (WAF) and API Security Gateway (WAAP) designed for comprehensive website and API protection. It targets system administrators and security professionals seeking robust defense against web threats, offering AI-driven anomaly detection, proactive system-level security, and advanced semantic analysis for zero-day vulnerability interception.

How It Works

UUSEC WAF employs a multi-layered defense strategy, integrating AI and semantic technologies with Nginx and LuaJIT. Its core strengths lie in:

  • AI-powered anomaly detection for zero-day threats, building whitelists of normal traffic parameters.
  • Proactive defense via HIPS (Host Intrusion Prevention System) and RASP (Runtime Application Self-Protection) for system kernel and application runtime security.
  • Advanced semantic analysis engines (SQL, XSS, RCE, LFI) with deep decoding to accurately identify and block attacks that bypass traditional methods.
  • A flexible rule engine leveraging Nginx and LuaJIT for both user-friendly rule creation and advanced, extensible Lua scripting.

Quick Start & Requirements

  • Installation:
    • Host version: curl https://uuwaf.uusec.com/waf-install -o waf-install && sudo bash ./waf-install && rm -f ./waf-install
    • Docker version: curl https://uuwaf.uusec.com/waf.tgz -o waf.tgz && tar -zxf waf.tgz && sudo bash ./waf/uuwaf.sh
  • Prerequisites:
    • Host: RHEL 7+ (x86_64), ca-certificates, curl. Requires ports 80/443. Will uninstall and reinstall MySQL.
    • Docker: Docker CE >= 20.10.14, Docker Compose >= 2.0.0.
  • Setup Time: Within minutes, depending on download speed.
  • Management Access: https://<server_ip>:4443 (default user: admin, password: Passw0rd!).
  • Documentation: https://uuwaf.uusec.com/

Highlighted Details

  • AI-driven 0-day defense using anomaly detection and parameter whitelisting.
  • HIPS and RASP functions for system kernel and runtime application self-protection.
  • Advanced semantic analysis engines for SQL, XSS, RCE, LFI with deep decoding.
  • Nginx/LuaJIT based rule engine supporting Lua scripting for custom rules and plugins.
  • Self-developed CDN acceleration with regex-based URL path cache cleaning.

Maintenance & Community

Licensing & Compatibility

  • The README does not explicitly state a license. It is described as "free" and "industrial grade." Commercial use implications are unclear without a specified license.

Limitations & Caveats

  • The host installation process will uninstall and reinstall MySQL, potentially causing data loss if not backed up.
  • The project is primarily targeted at x86_64 Linux systems (RHEL 7+).
  • Chinese users are directed to a separate Chinese website for installation, implying potential international version limitations.

Health Check

  • Last commit: 1 day ago
  • Responsiveness: 1 day
  • Pull Requests (30d): 1
  • Issues (30d): 9

Star History

  • 282 stars in the last 90 days
