diff --git a/linux/README.md b/linux/README.md
index 872f89a..b7da482 100644
--- a/linux/README.md
+++ b/linux/README.md
@@ -9,3 +9,5 @@ $ ./find-nessus-plugin.sh 62940
 - **`openvas-automate.sh`** - A simple OpenVAS scanner automation script. If you want to use your custom defined scan type - you'll need to edit script's code, especially `targets` array and `if` decision statement in lines 111-137. [gist](https://gist.github.com/mgeeky/a038f809dff4d308db94f5f657908da7)
 
 - **`prepare-kali.sh`** - A script that supplies fresh Kali installation with set of initial packages, configurations, wordlists (`/root/data`) and a big repository of tools I've found useful (located in `/root/tools`). ([gist](https://gist.github.com/mgeeky/39d1681e44804f089d1553cc7597e628))
+
+- **`toggleWaf.sh`** - Simple script used to quickly enable/disable ModSecurity on Apache2
diff --git a/linux/toggleWaf.sh b/linux/toggleWaf.sh
new file mode 100644
index 0000000..0b549f7
--- /dev/null
+++ b/linux/toggleWaf.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+modname=security2
+friendlyname=WAF
+
+if [ $# -ne 1 ]; then
+    echo "Usage: ./toggleWaf <on|off|status>"
+    exit 1
+fi
+
+case $1 in
+    "on")
+        if [ $EUID -ne 0 ]; then
+            echo "[!] This function must be run as root. Use sudo."
+            exit 1
+        fi
+        a2enmod $modname > /dev/null
+        systemctl reload apache2
+        echo "[+] $friendlyname enabled."
+        ;;
+
+    "off")
+        if [ $EUID -ne 0 ]; then
+            echo "[!] This function must be run as root. Use sudo."
+            exit 1
+        fi
+        a2dismod $modname > /dev/null
+        systemctl reload apache2
+        echo "[-] $friendlyname disabled."
+        ;;
+
+    "status")
+        if a2query -m $modname 2> /dev/null | grep -q 'enabled' ; then
+            echo "[+] $friendlyname is enabled."
+        else
+            echo "[-] $friendlyname is disabled."
+        fi
+        ;;
+esac