Rack-attack is a middleware rate limiter and request filter for the Rack interface. It provides a system for throttling HTTP requests and maintaining IP address blocklists to protect applications from malicious traffic and denial-of-service attacks. The project enables application layer DDoS mitigation and API rate limit management by identifying and rejecting requests from banned clients or abusive IP addresses. It allows for the definition of safelists to bypass filters and uses custom logic to determine if a client should be blocked or throttled. The tool covers comprehensive traffic mana
This project is a collection of configuration files and scripts serving as a bot blocker and security middleware for Nginx. It functions as an automated blocklist manager that filters malicious user-agents and IP addresses to mitigate vulnerability scanning, login brute-forcing, and DDoS attacks. The system distinguishes itself by automating the maintenance of security rules, downloading updated bot definitions and reloading the server on a schedule. It also includes a search engine spam filter capable of generating robots.txt files and link disavow lists to prevent malicious domains from imp
Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do
LLM Guard is a security firewall and guardrail framework designed to scan and sanitize inputs and outputs for large language models. It functions as a proxy gateway and security layer to block prompt injections, toxicity, and sensitive data leakage while ensuring that model interactions remain compliant with organizational policies. The system distinguishes itself through a modular scanner pipeline that utilizes local model orchestration to eliminate external network dependencies. It supports real-time security filtering via streaming chunk analysis and implements a fail-fast execution model