frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Show HN: Shibuya – A High-Performance WAF in Rust with eBPF and ML Engine

https://ghostklan.com/shibuya.html
16•germainluperto•1h ago
Hi HN,

I’ve been working on Shibuya, a next-generation Web Application Firewall (WAF) built from the ground up in Rust.

I wanted to build a WAF that didn't just rely on legacy regex signatures but could understand intent and perform at line-rate using modern kernel features.

What makes Shibuya different:

Multi-Layer Pipeline: It integrates a high-performance proxy (built on Pingora) with rate limiting, bot detection, and threat intelligence.

eBPF Kernel Filtering: For volumetric attacks, Shibuya can drop malicious packets at the kernel level using XDP before they consume userspace resources.

Dual ML Engine: It uses an ONNX-based engine for anomaly detection and a Random Forest classifier to identify specific attack classes like SQLi, XSS, and RCE.

API & GraphQL Protection: Includes deep inspection for GraphQL (depth and complexity analysis) and OpenAPI schema validation.

WASM Extensibility: You can write and hot-load custom security logic using WebAssembly plugins.

Ashigaru Lab: The project includes a deliberately vulnerable lab environment with 6 different services and a "Red Team Bot" to test the WAF against 100+ simulated payloads.

The Dashboard: The dashboard is built with SvelteKit and offers real-time monitoring (ECharts), a "Panic Mode" for instant hardening, and a visual editor for the YAML configuration.

I'm looking for feedback on the architecture and the performance of the Rust-eBPF integration.

Comments

nullcathedral•36m ago
Feel free to correct me, but the ML classifier appears to be rather bare. Less than 20 hardcoded payloads with randomized URL encoding as the only augmentation. How does this generalize to novel evasion techniques? Genuinely curious what your eval numbers look like against real traffic.

https://github.com/theghostshinobi/Shibuya-waf-light-version...

koakuma-chan•11m ago
"The most advanced open-source WAF ever built."

Somehow, the moment I read this, I knew it was AI slop.

nullcathedral•8m ago
The website gave it away for me, felt very AI generated
reconnecting•17m ago
## Shibuya WORLD DOMINATION PLAN (1)

*Month 3*: Top 10 security OSS project su GitHub

*Month 6*: 10k+ stars, 1000+ prod deployments

*Month 9*: Conference talks (OWASP, DevSecOps Days, Black Hat Arsenal)

*Month 12*: Industry standard, "the modern WAF", competitors che copiano te

## MONETIZATION ROADMAP

*Week 12-16*: Free tier (self-hosted, community support)

- Goal: 1000 GitHub stars

- Goal: 100 production deployments

- Goal: Dev che parlano di te su Twitter

*Week 16-20*: Pro tier launch ($49-99/mo) - Managed rules auto-update

- ML models ottimizzati

- Priority support

- Advanced dashboard

- Goal: primi 50 paying customers ($5k MRR)

*Week 20-24*: Enterprise tier (custom pricing) - Multi-tenant

- SSO/SAML

- Compliance reports (PCI-DSS, SOC2)

- SLA + dedicated support

- Custom integrations

- Goal: primi 5 enterprise deals ($50k+ ARR)

*Month 6+*: Exit strategy - Seed funding ($1-2M) o bootstrap to profitability

- Series A ($10M+) se traction è pazzesca

- Acquisition offer da competitor? (Cloudflare che compra per killare? NO GRAZIE, fuck them )

1. The most interesting part here is a deleted commit: https://github.com/theghostshinobi/Shibuya-waf-light-version...

swah•11m ago
Speaking to LLMs looks fresh!
abusaidm•10m ago
They have a roadmap of where they want to be, I think that’s normal. As long as they don’t pull a fast one on the oss community then I think if this catch on and it’s worth it then even if they sell the community can fork if the new owners are not so welcoming.
reconnecting•7m ago
Looks like the Gemini as a full roadmap

## IL PIANO D'ATTACCO

*Episodi 1-3* (core tech): TU + GEMINI

*Episodi 4-9* (features sexy): TU + GEMINI + primi contributor OSS

*Episodi 10-12* (advanced): TU + small team (2-3 dev pagati)

*Episodi 13-18* (domination): Team + community

abusaidm•12m ago
This looks really interesting especially in the age of agents running wild, having code execution be tracked using this as the ingress/egress you can allow and block things based on context and needs, you can setup policies and have them loaded on demand for a specific execution
koakuma-chan•11m ago
What the fuck is this slop?

https://github.com/theghostshinobi/Shibuya-waf-light-version...

Klonoar•3m ago
This is the most generic and uninspired name you could have possibly chosen.

Show HN: Habitless – A minimalist, privacy-first tracker to quit addictions

https://apps.apple.com/us/app/habitless-quit-addiction/id6758941144
1•felixkariuki_m•43s ago•0 comments

AI-powered tool that generates Cypress and Playwright end-to-end tests

https://github.com/aiqualitylab/ai-natural-language-tests
1•LetsAutomate•1m ago•0 comments

Intel ME

https://en.wikipedia.org/wiki/Intel_Management_Engine
1•dtj1123•2m ago•0 comments

Haitless: Quit Addiction

1•felixkariuki_m•8m ago•0 comments

I am a 15-year-old girl: the vile misogyny that confronts me on social media

https://www.theguardian.com/commentisfree/2026/feb/23/15-year-old-girl-misogyny-social-media-onli...
2•Anthony-G•8m ago•1 comments

Coding Consistently with Agents in 2026

https://www.mykel.org/notes/coding-with-agents
1•mvkel•9m ago•0 comments

VisPhyWorld: Probing Physical Reasoning via Code-Driven Video Reconstruction

https://arxiv.org/abs/2602.13294
1•PaulHoule•10m ago•0 comments

Police are finding suspects based on searches as courts weigh privacy concerns

https://apnews.com/article/google-reverse-keyword-search-privacy-c5a0bc6f3790213f92e78aae720d2379
2•iamnothere•11m ago•0 comments

Show HN: OmniClaw – An autonomous AI swarm that runs natively on Termux

https://github.com/webspoilt/omniclaw
1•anon89745•11m ago•1 comments

Read Locks Are Not Your Friends

https://eventual-consistency.vercel.app/posts/write-locks-faster
2•birdculture•13m ago•0 comments

Why You Shouldn't Raise VC (Yet): How to Bootstrap with Carolyn Katz

https://fi.co/events/why-you-shouldn-t-raise-vc-yet-how-to-bootstrap-with-carolyn-katz
1•FInstituteNY•15m ago•1 comments

I reduced my OpenSearch costs by 85% using disk-based vector search

https://builder.aws.com
1•namarjun•15m ago•0 comments

Will Software Engineering Survive?

https://akr.am/blog/posts/will-software-engineering-survive
1•thefilmore•15m ago•2 comments

"Car Wash" test with 53 models

https://opper.ai/blog/car-wash-test
10•felix089•16m ago•3 comments

Torvalds: Someone who isn't afraid of numbers past teens will take over Linux

https://www.theregister.com/2026/02/23/linux_7_0_rc1/
3•smurda•18m ago•0 comments

Does AI put women at a disadvantage?

https://www.ft.com/content/60e2a900-8999-46cc-8107-4f468f442aae
1•paulpauper•19m ago•1 comments

Show HN: DevUtility Hub – Like CyberChef, but for the 2026 Stack (MCP, ZKP, AI)

https://www.devutilityhub.me/
1•badboyshah•19m ago•0 comments

Did Eastern Europe produce that many slaves?

https://www.cambridge.org/core/journals/american-political-science-review/article/consequences-of...
1•paulpauper•19m ago•0 comments

Mailing List Blocklists/Blacklists

1•mappx•19m ago•0 comments

My screed against capital-T taste

https://text-incubation.com/my-screed-against-capital-t-taste
1•krrishd•20m ago•0 comments

Using an LED Loop to Verify Your Toolchain Is Flashing the Hardware

https://hubble.com/community/guides/use-led-loop-verify-toolchain-flashing-hardware/
1•jmarbach•21m ago•0 comments

Show HN: Glue – new language and toolchain for data modeling

https://guywaldman.com/posts/introducing-glue
2•guywald•22m ago•0 comments

Tech-Savvy Observability

https://github.com/heyojules/lotus
1•gintokinx•22m ago•0 comments

Show HN: Makethlm – combine make/just with LLM

https://github.com/latedeployment/makethlm
1•elegantgate•22m ago•0 comments

Show HN: Oxlo.ai – AI APIs with unlimited tokens and request based pricing

https://www.oxlo.ai/
1•Barathkanna•25m ago•0 comments

UNIX99, a UNIX-like OS for the TI-99/4A

https://forums.atariage.com/topic/380883-unix99-a-unix-like-os-for-the-ti-994a/
12•marcodiego•26m ago•0 comments

Traditional search is broken, so I tried fixing it

https://github.com/Shantanugupta43/SuggestPilot
1•shaanuknow•27m ago•0 comments

HackEurope 2026: A short rant on AI and hackathons

https://duti.dev/blog/2026/spr/
2•acheong08•28m ago•0 comments

OpenClaw overtakes Linux in GitHub popularity contest

https://www.star-history.com/#codecrafters-io/build-your-own-x&torvalds/linux&openclaw/openclaw&t...
2•whit537•29m ago•1 comments

You don't need free lists

https://jakubtomsu.github.io/posts/bit_pools/
1•renehsz•29m ago•0 comments