LandGrey/abuse-ssl-bypass-waf

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/LandGrey/abuse-ssl-bypass-waf)

LandGrey / abuse-ssl-bypass-waf

Bypassing WAF by abusing SSL/TLS Ciphers

☆322

Alternatives and similar repositories for abuse-ssl-bypass-waf

Users that are interested in abuse-ssl-bypass-waf are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

l3m0n / Bypass_Disable_functions_Shell
View on GitHub
一个各种方式突破Disable_functions达到命令执行的shell
☆1,198Oct 17, 2023Updated 2 years ago
nccgroup / BurpSuiteHTTPSmuggler
View on GitHub
A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
☆738May 4, 2019Updated 6 years ago
LandGrey / ClassHound
View on GitHub
利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码
☆712May 10, 2021Updated 4 years ago
LandGrey / webshell-detect-bypass
View on GitHub
绕过专业工具检测的Webshell研究文章和免杀的Webshell
☆1,733Nov 15, 2020Updated 5 years ago
CHYbeta / WAF-Bypass
View on GitHub
WAF Bypass Cheatsheet
☆214Sep 23, 2017Updated 8 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
al0ne / Nmap_Bypass_IDS
View on GitHub
Nmap&Zmap特征识别，绕过IDS探测
☆329Aug 1, 2019Updated 6 years ago
Ridter / get_ip_by_ico
View on GitHub
从shodan获取使用了相同favicon.ico的网站
☆189Feb 16, 2019Updated 7 years ago
March110 / javaweb-sec
View on GitHub
攻击Java Web应用-[Java Web安全]
☆15Dec 9, 2020Updated 5 years ago
Bo0oM / WAF-bypass-Cheat-Sheet
View on GitHub
Another way to bypass WAF Cheat Sheet (draft)
☆433Nov 28, 2018Updated 7 years ago
wuppp / shiro_rce_exp
View on GitHub
Shiro RCE (Padding Oracle Attack)
☆148Nov 15, 2019Updated 6 years ago
veracode-research / solr-injection
View on GitHub
Apache Solr Injection Research
☆580Jan 28, 2020Updated 6 years ago
uknowsec / loginlog_windows
View on GitHub
读取登录过本机的登录失败或登录成功的所有计算机信息，在内网渗透中快速定位运维管理人员。
☆221Sep 30, 2019Updated 6 years ago
Mel0day / RedTeam-BCS
View on GitHub
BCS（北京网络安全大会）2019 红队行动会议重点内容
☆819Sep 4, 2019Updated 6 years ago
TheTwitchy / xxer
View on GitHub
A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
☆518Jul 29, 2020Updated 5 years ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
phith0n / arbitrary-php-extension
View on GitHub
这是一个实验性的PHP扩展，加载这个扩展后，每次请求将可以执行一段自己的PHP代码。
☆198Oct 22, 2018Updated 7 years ago
LandGrey / toolsparty
View on GitHub
A collection of script tools for pentesting
☆63Oct 21, 2019Updated 6 years ago
skmt / icmpsh
View on GitHub
shell over ICMP
☆19Dec 8, 2012Updated 13 years ago
Ch1ngg / JCE
View on GitHub
JCE - JSP/JPSX CodeEncode - 用于 Webshell 逃避静态查杀的辅助脚本
☆258Oct 29, 2021Updated 4 years ago
WyAtu / CVE-2018-8581
View on GitHub
CVE-2018-8581 | Microsoft Exchange Server Elevation of Privilege Vulnerability
☆332Dec 30, 2018Updated 7 years ago
c0ny1 / chunked-coding-converter
View on GitHub
Burp suite 分块传输辅助插件
☆2,029Feb 23, 2022Updated 4 years ago
Y4er / fastjson-bypass-autotype-1.2.68
View on GitHub
fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
☆229Oct 12, 2022Updated 3 years ago
opensec-cn / vtest
View on GitHub
用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
☆866Jul 21, 2019Updated 6 years ago
360-Linton-Lab / Telemetry
View on GitHub
WINDOWS TELEMETRY权限维持
☆258Jul 2, 2020Updated 5 years ago
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
petercunha / jenkins-rce
View on GitHub
Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!
☆298Jun 10, 2019Updated 6 years ago
wofeiwo / webcgi-exploits
View on GitHub
Multi-language web CGI interfaces exploits.
☆399Aug 22, 2022Updated 3 years ago
r35tart / GetIPinfo
View on GitHub
用于寻找多网卡主机方便内网跨网段渗透避免瞎打找不到核心网
☆235Jul 17, 2020Updated 5 years ago
dr0op / WeblogicScan
View on GitHub
增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持
☆967Jun 16, 2024Updated last year
c0ny1 / FastjsonExploit
View on GitHub
Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
☆1,392Dec 16, 2022Updated 3 years ago
Ridter / CVE-2019-1040
View on GitHub
CVE-2019-1040 with Exchange
☆253Jun 18, 2021Updated 4 years ago
Lonely-night / fastjson_gadgets_scanner
View on GitHub
☆131Jun 17, 2022Updated 3 years ago
c0ny1 / java-object-searcher
View on GitHub
java内存对象搜索辅助工具
☆823Sep 23, 2022Updated 3 years ago
waderwu / attackRmi
View on GitHub
attackRmi
☆258Oct 14, 2020Updated 5 years ago
Wordpress hosting with auto-scaling on Cloudways • Ad
Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
3xp10it / xwaf
View on GitHub
Automatic bypass (brute force) waf
☆994Mar 9, 2022Updated 4 years ago
LeadroyaL / fastjson-blacklist
View on GitHub
☆835Jun 7, 2022Updated 3 years ago
QAX-A-Team / HideShell
View on GitHub
A JSP backdoor that enables under Tomcat hiding arbitrary JSP files, in addition to their access logs.
☆216Mar 31, 2019Updated 6 years ago
PINGXcpost / F-NAScan-PLUS
View on GitHub
F-NAScan-PLUS 安服资产搜集
☆142Feb 16, 2021Updated 5 years ago
threedr3am / JSP-WebShells
View on GitHub
Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
☆1,405Jan 18, 2022Updated 4 years ago
kirillwow / ids_bypass
View on GitHub
IDS Bypass tricks
☆122Jan 11, 2019Updated 7 years ago
codeplutos / MySQL-JDBC-Deserialization-Payload
View on GitHub
MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload
☆13Feb 8, 2020Updated 6 years ago