The most advanced open-source WAF ever built.
ML anomaly detection. eBPF kernel blocking. 615+ OWASP rules.
The WAF that makes Cloudflare nervous.
9 weapons in one stack. Each module is a game-changer. Together, they're an impenetrable fortress built in Rust.
Shibuya drops an XDP hook directly in the Linux kernel. Packets from known-malicious IPs get killed before they ever reach your application or even the WAF itself. IP blacklists stored in eBPF maps for O(1) lookup on millions of IPs. SYN flood protection included. Toggle on/off at runtime via Admin API — no restart needed.
Two independent ML models run in parallel: an IsolationForest (via ONNX runtime) detects anomalies, and a Random Forest classifies attacks across 10 classes: SQLi, XSS, RCE, SSRF, XXE, SSTI, NoSQLi, Path Traversal, Command Injection, Benign. SHAP-like explainability shows exactly which top-5 features triggered the alert. Human-in-the-loop feedback loop. A/B model testing. Data drift detection.
Native SecRule parser with the full OWASP Core Rule Set — the enterprise-standard ruleset used worldwide. Every operator: @rx @pm @detectSQLi @detectXSS @ipMatch @validateByteRange. Anomaly scoring with 4 paranoia levels. ReDoS protection built-in. Rules hot-reload without downtime. Custom rule creation via Admin API or CLI.
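The paragraph above leans on CRS anomaly scoring and paranoia levels without spelling out how they interact. The block below is an added example, not Shibuya's own parser or rule engine: it mimics the CRS convention (severity weights CRITICAL 5, ERROR 4, WARNING 3, NOTICE 2; inbound threshold 5) with a constructed four-rule set whose ids, matchers and paranoia levels are placeholders. Rules only fire if their paranoia level is at or below the configured one, matched weights are summed, and the request is blocked once the sum reaches the threshold.

```rust
// Added example of CRS-style anomaly scoring with paranoia levels.
// Not Shibuya's code. Rule ids and matchers are constructed for the demo;
// only the severity weights and default threshold follow CRS convention.

#[derive(Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Debug)]
pub enum Severity {
    Notice,
    Warning,
    Error,
    Critical,
}

impl Severity {
    /// Anomaly-score weight per CRS convention: CRITICAL=5, ERROR=4, WARNING=3, NOTICE=2.
    pub fn weight(self) -> u32 {
        match self {
            Severity::Critical => 5,
            Severity::Error => 4,
            Severity::Warning => 3,
            Severity::Notice => 2,
        }
    }
}

/// A simplified rule: the paranoia level that enables it, how severe a hit is,
/// and a predicate over the request arguments (stands in for @rx, @pm, ...).
pub struct Rule {
    pub id: u32,
    pub paranoia_level: u8,
    pub severity: Severity,
    pub matcher: fn(&str) -> bool,
}

pub struct Verdict {
    pub score: u32,
    pub matched: Vec<u32>,
    pub blocked: bool,
}

/// Evaluate only rules whose paranoia level is <= the configured level,
/// accumulate their weights, and block once the inbound threshold is reached.
pub fn score_request(rules: &[Rule], paranoia_level: u8, threshold: u32, args: &str) -> Verdict {
    let mut score = 0;
    let mut matched = Vec::new();
    for rule in rules.iter().filter(|r| r.paranoia_level <= paranoia_level) {
        if (rule.matcher)(args) {
            score += rule.severity.weight();
            matched.push(rule.id);
        }
    }
    Verdict { score, matched, blocked: score >= threshold }
}

/// Constructed demo ruleset; ids 9000xx are placeholders, not real CRS ids.
pub fn demo_rules() -> Vec<Rule> {
    vec![
        Rule { id: 900001, paranoia_level: 1, severity: Severity::Critical,
               matcher: |a| a.to_ascii_lowercase().contains("union select") },
        Rule { id: 900002, paranoia_level: 1, severity: Severity::Critical,
               matcher: |a| a.to_ascii_lowercase().contains("<script") },
        // PL2: a lone quote is suspicious but low-weight, so it never blocks alone.
        Rule { id: 900003, paranoia_level: 2, severity: Severity::Warning,
               matcher: |a| a.contains('\'') || a.contains('"') },
        // PL3: any non-ASCII byte in arguments adds a small score.
        Rule { id: 900004, paranoia_level: 3, severity: Severity::Notice,
               matcher: |a| a.chars().any(|c| !c.is_ascii()) },
    ]
}

fn main() {
    let rules = demo_rules();
    for (pl, args) in [(1, "id=1 UNION SELECT password FROM users"), (1, "name=O'Brien"), (2, "name=O'Brien")] {
        let v = score_request(&rules, pl, 5, args);
        println!("PL{} {:<40} score={} blocked={} rules={:?}", pl, args, v.score, v.blocked, v.matched);
    }
}
```

Raising the paranoia level only ever adds rules, so the same input scores the same or higher at PL2 than at PL1; the Warning-weight quote rule shows why the threshold matters: it contributes 3 on its own, below the default 5, and only blocks in combination with other hits.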
Extend Shibuya with WebAssembly plugins written in any language — Rust, Go, C, AssemblyScript, anything that compiles to WASM. Each plugin runs in a fully sandboxed environment with configurable memory limits, execution time caps, and fuel budgets. A host API lets plugins inspect and modify requests in real-time. No other open-source WAF has this.
Deploy new rules to production without any risk. Shadow mode logs what would have been blocked — without blocking anything. Configurable per-route, per-percentage (0–100%). Request replay engine captures real traffic to PostgreSQL and replays it against new policy versions, generating a full diff report: "old policy vs new policy" — with zero production impact.
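As an added example (not Shibuya's code, and the capture store here is an in-memory vector rather than PostgreSQL), the block below shows the two halves of the approach described above: a shadow evaluator that enforces only the old policy while recording what a sampled percentage of requests would have hit under the new one, and a replay function that runs captured traffic through both policies and emits an "old vs new" diff. Both policies and all five captured requests are constructed for the demo.

```rust
// Added example: shadow-mode evaluation and replay diff report.
// Not Shibuya's code. Policies, captured requests and the sampling rule
// are constructed for this demonstration.

#[derive(Clone, Debug, PartialEq, Eq)]
pub struct Captured {
    pub id: u64,
    pub path: String,
    pub query: String,
}

/// A policy maps a captured request to "would block" (true) or "would allow".
pub type Policy = fn(&Captured) -> bool;

/// Shadow decision: the enforced verdict always comes from the old policy;
/// the new policy is consulted for a deterministic `percent` of requests
/// (by request id) and its verdict is only recorded, never enforced.
#[derive(Debug, PartialEq, Eq)]
pub struct ShadowDecision {
    pub enforced_block: bool,
    pub shadow_would_block: Option<bool>,
}

pub fn shadow_evaluate(old: Policy, new: Policy, percent: u8, req: &Captured) -> ShadowDecision {
    let sampled = (req.id % 100) < u64::from(percent.min(100));
    ShadowDecision {
        enforced_block: old(req),
        shadow_would_block: if sampled { Some(new(req)) } else { None },
    }
}

/// Replay report: how each policy would have treated the captured traffic,
/// and which requests change verdict between them.
#[derive(Debug, Default, PartialEq, Eq)]
pub struct DiffReport {
    pub total: usize,
    pub old_blocked: usize,
    pub new_blocked: usize,
    pub newly_blocked: Vec<u64>,
    pub newly_allowed: Vec<u64>,
}

pub fn replay_diff(old: Policy, new: Policy, traffic: &[Captured]) -> DiffReport {
    let mut r = DiffReport { total: traffic.len(), ..Default::default() };
    for req in traffic {
        let (o, n) = (old(req), new(req));
        if o { r.old_blocked += 1; }
        if n { r.new_blocked += 1; }
        match (o, n) {
            (false, true) => r.newly_blocked.push(req.id),
            (true, false) => r.newly_allowed.push(req.id),
            _ => {}
        }
    }
    r
}

/// Constructed "current" policy: catches UNION SELECT but also blocks any
/// apostrophe, which produces false positives on ordinary names.
pub fn old_policy(req: &Captured) -> bool {
    let q = req.query.to_ascii_lowercase();
    q.contains("union select") || q.contains('\'')
}

/// Constructed "candidate" policy: drops the noisy apostrophe check and adds
/// a traversal check, so the diff should show one newly allowed and one newly blocked.
pub fn new_policy(req: &Captured) -> bool {
    let q = req.query.to_ascii_lowercase();
    q.contains("union select") || q.contains("../")
}

/// Constructed capture; stands in for traffic recorded to PostgreSQL.
pub fn sample_traffic() -> Vec<Captured> {
    vec![
        Captured { id: 1, path: "/search".into(), query: "q=shoes".into() },
        Captured { id: 2, path: "/search".into(), query: "q=1 UNION SELECT 1".into() },
        Captured { id: 3, path: "/files".into(), query: "name=../config".into() },
        Captured { id: 4, path: "/users".into(), query: "name=O'Brien".into() },
        Captured { id: 57, path: "/files".into(), query: "name=report.pdf".into() },
    ]
}

fn main() {
    let traffic = sample_traffic();
    for req in &traffic {
        let d = shadow_evaluate(old_policy, new_policy, 10, req);
        println!("id={} enforced_block={} shadow={:?}", req.id, d.enforced_block, d.shadow_would_block);
    }
    println!("{:#?}", replay_diff(old_policy, new_policy, &traffic));
}
```

The diff report is what makes a rollout decision defensible: `newly_blocked` lists requests the candidate policy would start rejecting (review them for false positives), and `newly_allowed` lists what it would stop catching (review them for regressions). Sampling by `id % 100` keeps the shadow decision reproducible across replays, which a random sampler would not.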
Import your OpenAPI 3.x spec and Shibuya auto-generates positive security rules — only documented endpoints, methods, and schemas are allowed. GraphQL gets: depth analysis, complexity scoring, alias count validation, batch size limits, and introspection blocking. JWT validation and OAuth 2.0 for API auth. Response validation to catch data leakage on the way out.
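To make the GraphQL controls listed above concrete, here is an added example (not Shibuya's implementation) of a single-pass scanner that derives the four request-level metrics those controls need: selection-set depth, field count as a simple complexity score, alias count, and whether `__schema`/`__type` appear, plus a batch-size check over an array of operations. The limit values and the three sample queries are constructed. The scanner is deliberately lightweight: it tracks brace and parenthesis nesting and skips string literals and comments rather than building a full AST, and it counts inline-fragment type conditions as fields, which errs on the conservative side.

```rust
// Added example: GraphQL depth, complexity, alias, batch and introspection checks.
// Not Shibuya's code. Limits and sample queries are constructed for the demo.

#[derive(Debug, PartialEq, Eq)]
pub struct QueryMetrics {
    pub depth: u32,        // deepest selection-set nesting
    pub fields: u32,       // number of selected fields (simple complexity score)
    pub aliases: u32,      // number of `alias: field` pairs
    pub introspection: bool,
}

/// Single pass over the query text. Braces inside argument lists (object values)
/// are not selection sets, so they are ignored while `paren > 0`.
pub fn analyze(query: &str) -> QueryMetrics {
    let b = query.as_bytes();
    let (mut i, mut brace, mut paren) = (0usize, 0u32, 0u32);
    let mut m = QueryMetrics { depth: 0, fields: 0, aliases: 0, introspection: false };
    while i < b.len() {
        let c = b[i];
        match c {
            b'"' => { // skip string literal, honouring backslash escapes
                i += 1;
                while i < b.len() && b[i] != b'"' {
                    if b[i] == b'\\' { i += 1; }
                    i += 1;
                }
            }
            b'#' => { while i < b.len() && b[i] != b'\n' { i += 1; } } // comment
            b'@' => { // directive: skip its name so it is not counted as a field
                i += 1;
                while i < b.len() && (b[i].is_ascii_alphanumeric() || b[i] == b'_') { i += 1; }
                continue;
            }
            b'(' => paren += 1,
            b')' => paren = paren.saturating_sub(1),
            b'{' if paren == 0 => { brace += 1; m.depth = m.depth.max(brace); }
            b'}' if paren == 0 => brace = brace.saturating_sub(1),
            _ if c.is_ascii_alphabetic() || c == b'_' => {
                let start = i;
                while i < b.len() && (b[i].is_ascii_alphanumeric() || b[i] == b'_') { i += 1; }
                let word = &query[start..i];
                let mut j = i;
                while j < b.len() && b[j].is_ascii_whitespace() { j += 1; }
                if paren == 0 && brace > 0 {
                    if j < b.len() && b[j] == b':' {
                        m.aliases += 1; // `word` is an alias; the real field follows
                        i = j + 1;
                        continue;
                    }
                    if !matches!(word, "on" | "fragment") {
                        m.fields += 1;
                    }
                    if word == "__schema" || word == "__type" {
                        m.introspection = true;
                    }
                }
                continue;
            }
            _ => {}
        }
        i += 1;
    }
    m
}

pub struct GraphqlLimits {
    pub max_depth: u32,
    pub max_fields: u32,
    pub max_aliases: u32,
    pub max_batch: usize,
    pub allow_introspection: bool,
}

/// Constructed limits for the demo; tune per API.
pub fn default_limits() -> GraphqlLimits {
    GraphqlLimits { max_depth: 3, max_fields: 50, max_aliases: 5, max_batch: 2, allow_introspection: false }
}

/// Reject the whole batch on the first violated limit, naming the offending query.
pub fn check_batch(batch: &[&str], limits: &GraphqlLimits) -> Result<(), String> {
    if batch.len() > limits.max_batch {
        return Err(format!("batch size {} exceeds {}", batch.len(), limits.max_batch));
    }
    for (n, q) in batch.iter().enumerate() {
        let m = analyze(q);
        if m.depth > limits.max_depth { return Err(format!("query {}: depth {} > {}", n, m.depth, limits.max_depth)); }
        if m.fields > limits.max_fields { return Err(format!("query {}: fields {} > {}", n, m.fields, limits.max_fields)); }
        if m.aliases > limits.max_aliases { return Err(format!("query {}: aliases {} > {}", n, m.aliases, limits.max_aliases)); }
        if m.introspection && !limits.allow_introspection { return Err(format!("query {}: introspection blocked", n)); }
    }
    Ok(())
}

// Constructed sample queries.
pub const Q_NESTED: &str = r#"query { user(id: "1") { name posts { title comments { body } } } }"#;
pub const Q_ALIASED: &str = "{ a: user(id: 1) { name } b: user(id: 2) { name } }";
pub const Q_INTROSPECTION: &str = "{ __schema { types { name } } }";

fn main() {
    let limits = default_limits();
    for q in [Q_NESTED, Q_ALIASED, Q_INTROSPECTION] {
        println!("{:?} -> {:?}", analyze(q), check_batch(&[q], &limits));
    }
}
```

Aliases matter because they defeat naive per-field rate limits: `a: user(id: 1)` and `b: user(id: 2)` are two resolver calls that a depth check alone would never see, which is why alias count and field count are enforced separately from depth.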
No other WAF on the market ships with a built-in attack lab. Ashigaru is a full Docker-based environment with 6 deliberately vulnerable services — real exploitable vulnerabilities — so you can validate the WAF against actual attacks, not synthetic benchmarks. A Red Team Bot automates attacks. The War Room provides a full test suite dashboard. Test everything before you go live.
Built for teams and enterprises at zero cost. Full multi-tenancy with tenant isolation, RBAC for role-based dashboard access, LDAP integration for enterprise SSO, OAuth 2.0. Federated Learning module shares threat intelligence across WAF nodes. Post-Quantum Cryptography for future-proof TLS. Hardware attestation via TPM. Dynamic SBOM for supply chain monitoring.
Write security policies in plain English with the NLP policy engine — no SecRule syntax required. The AI Virtual Patching module automatically generates WAF rules from CVEs. Integrates with Burp Suite, nuclei, and ZAP — when a scanner finds a vulnerability, Shibuya blocks it in 30 seconds, without touching a single line of application code. Promote to permanent rule with one click.
Security data from Verizon DBIR, OWASP, Akamai 2024. Performance from Shibuya load benchmarks.
Honest. Feature by feature. We're open source, faster, and going where no WAF has gone before.
| Feature | Shibuya | Cloudflare WAF | AWS WAF | ModSecurity |
|---|---|---|---|---|
| OWASP CRS (615+ rules) | ✓ Native full | ✓ | ◐ Partial | ✓ |
| ML Anomaly Detection (ONNX) | ✓ IsolationForest | ✓ Black box | ✗ | ✗ |
| ML Explainability (SHAP) | ✓ Top 5 features | ✗ | ✗ | ✗ |
| eBPF/XDP Kernel Blocking | ✓ ~1μs | ✗ | ✗ | ✗ |
| WASM Plugin System | ✓ Full sandbox | ◐ Workers only | ✗ | ✗ |
| Shadow Mode + Replay | ✓ Built-in | ◐ Limited | ✗ | ✗ |
| OpenAPI Auto-Rules | ✓ Auto-generate | ◐ Manual | ◐ Manual | ✗ |
| GraphQL Native Protection | ✓ Depth+Complexity | ✓ | ✗ | ✗ |
| NLP Policy Engine | ✓ Plain English | ✗ | ✗ | ✗ |
| AI Virtual Patching | ✓ CVE → 30s block | ✗ | ✗ | ✗ |
| Built-in Attack Lab | ✓ Ashigaru (6 svc) | ✗ | ✗ | ✗ |
| Multi-Tenancy + RBAC | ✓ Full | ✓ Paid | ✓ Paid | ✗ |
| Post-Quantum TLS | ✓ Included | ✓ Paid tier | ✗ | ✗ |
| Federated Learning | ✓ Included | ✗ | ✗ | ✗ |
| P99 Latency Overhead | <5ms | ~10–20ms | ~15–30ms | ~8–15ms |
| Self-Hosted / Full Control | ✓ 100% | ✗ Cloud only | ✗ Cloud only | ✓ |
| Open Source | ✓ 100% Open | ✗ Proprietary | ✗ Proprietary | ✓ |
| Cost | Free / Open Source | $200+/mo | $5+/mo + traffic | Free |
Every request passes through 9 sequential security layers. From kernel to application, nothing gets through unscathed.
OWASP Top 10 and beyond. ML catches what rules miss. eBPF stops what ML can't even see.
36-page SvelteKit dashboard. Real-time ECharts. 2-second polling. Dark glassmorphism. Full WAF control from one UI.
207 core Rust files. 32 CLI modules. 16 API files. 36 dashboard pages. Every line intentional.
615+ rules. ML detection. eBPF blocking. Shadow mode. 36-page dashboard. Built-in attack lab. Post-quantum TLS. Federated learning. 100% open source lite version.
For issues, bugs, custom integrations, enterprise support, or anything else — reach out directly.
✉ germainluperto@gmail.com · Response within 24 hours · No bots · Real human