Alternatives and similar repositories for WAF-bypass-fuzz-payloads

Users that are interested in WAF-bypass-fuzz-payloads are comparing it to the libraries listed below

• 0xPugal / bugbounty_profile
  Automate bug bounty recon using bash alias
  ☆14Updated last year
• mathis2001 / ParamFirstCheck
  ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, …
  ☆34Updated last year
• KathanP19 / Python_For_Pentester
  Programs I Made while learning python for pentesters.
  ☆18Updated 3 years ago
• nullenc0de / reverse-apk
  ☆53Updated 10 months ago
• gwen001 / bxss
  Alternative to XSS Hunter for blind XSS.
  ☆51Updated 2 years ago
• marmicode / websheep
  🐑 Websheep is an app based on a willingly vulnerable ReSTful APIs.
  ☆56Updated last year
• HernanRodriguez1 / ScanMySQLiErrorBased-Nuclei
  ☆21Updated 3 years ago
• hueristiq / hqurlscann3r
  A web application attack surface mapping tool. It takes in a list of urls then performs numerous probes
  ☆15Updated 3 years ago
• sec-it / BFAC-Burp-Extension
  Burp Extension for BFAC (Advanced Backup-File Artifacts Testing for Web-Applications)
  ☆20Updated 4 years ago
• r00tkie / grep-pattern
  collection of various grep patterns collected from tomnomnom/gf and other places
  ☆23Updated 4 years ago
• redhuntlabs / Log4JHunt
  An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.
  ☆44Updated 7 months ago
• Ravaan21 / Chandrahasa
  A solid recon tool I use personally.
  ☆30Updated 2 years ago
• c0brabaghdad1 / DVPA
  Damn Vulnerable PHP Application (DVPA) - It is Lab Written in The PHP lang, Which Contains PHP Type Juggling - RCE Challenges
  ☆32Updated 3 years ago
• enenumxela / ps.sh
  A bash script that automates the process of service discovery on specified target hosts. The aim of the scripts is reducing scan time, in…
  ☆12Updated 4 months ago
• R0X4R / ssrf-tool
  An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.
  ☆45Updated 4 years ago
• dalbonip / theGreatRecon
  ☆28Updated last year
• Josue87 / wp_hunter
  Static analysis of wordpress plugins
  ☆62Updated 4 years ago
• aniqfakhrul / lazyParam
  A simple automation tool to detect lfi, rce and ssti vulnerability
  ☆56Updated 3 years ago
• KingOfBugbounty / BugBuntu
  BugBuntu Linux
  ☆15Updated 4 years ago
• akincibor / 403-bypass
  Enhanced 403 bypass header
  ☆21Updated 3 years ago
• nu11secur1ty / nu11secur1ty
  https://www.nu11secur1ty.com
  ☆22Updated 3 weeks ago
• GainSec / TreeHouse-Wordlists
  Wordlist for Hacking, Penetration Testing, Vulnerability Assessments and More
  ☆63Updated last year
• MantisSTS / GoCloud
  Checks whether a domain is hosted on a cloud service such as AWS, Azure or CloudFlare
  ☆59Updated 2 years ago
• ExpLangcn / agartha
  a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …
  ☆49Updated 3 years ago
• gitnepal / isup
  Find alive host from dumped subdomains, huge domain list , alive subdomains
  ☆27Updated 4 years ago
• AdmiralGaust / bountyReconV2
  Framework to automate Bug Bounty Reconnaissance
  ☆45Updated 4 years ago
• kmskrishna / gdn
  A GO module to get domain name from SSL certificates when an IP address is provided.
  ☆35Updated 2 years ago
• geeknik / nuclei-template-generator
  A simple tool which makes creating nuclei templates even easier.
  ☆36Updated last year
• shelld3v / flydns
  Related subdomains finder
  ☆30Updated 3 years ago
• devpwn / xmlrpc-scan
  golang tool to scan domains or single domains with know security issues against xmlrpc
  ☆61Updated last year