FA-PengFei / NGWAF
First iteration of ML based Feedback WAF
☆57Updated 8 months ago
Related projects ⓘ
Alternatives and complementary repositories for NGWAF
- Tool for helping in the exploitation of path traversal vulnerabilities in Java web applications☆20Updated 2 years ago
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆59Updated 11 months ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆85Updated 9 months ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆67Updated 2 years ago
- Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.☆54Updated last year
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆47Updated 8 months ago
- A "Spring4Shell" vulnerability scanner.☆50Updated 2 years ago
- WEB-Wordlist-Generator creates related wordlists after scanning your web applications.☆43Updated 5 months ago
- Some of my rough notes for Docker threat detection☆46Updated last year
- Enumerate AWS cloud resources based on provided credential☆50Updated 2 years ago
- EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.☆60Updated 2 months ago
- Cloud Exploit Framework☆112Updated 2 years ago
- cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…☆37Updated 2 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆27Updated last year
- 🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯☆24Updated last year
- Determine the running software version of a remote F5 BIG-IP management interface.☆63Updated 10 months ago
- A fast enumeration tool for publicly exposed Azure Storage blobs.☆78Updated last year
- Presentation materials for my Black Hat USA 2022 Briefing and Arsenal talks☆64Updated 2 years ago
- A go-exploit to scan for Juniper firewalls vulnerable to CVE-2023-36845☆60Updated 3 weeks ago
- Simple script realizado en bash, para revisión de múltiples hosts para CVE-2022-1388 (F5)☆25Updated 2 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆48Updated 2 years ago
- A fingerprint generation helper for nuclei network templates☆71Updated 2 years ago
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆39Updated 2 years ago
- ☆17Updated 2 years ago
- Exploits targeting vBulletin.☆76Updated last year
- POC FortiOS SSL-VPN buffer overflow vulnerability☆26Updated last year
- Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101)☆26Updated 2 years ago
- Hunt SSL Certificates for interesting keywords on major cloud service providers / internet☆34Updated 10 months ago