Add headers to all Burp requests to bypass some WAF products
☆44Nov 30, 2023Updated 2 years ago
Alternatives and similar repositories for bypass-waf
Users that are interested in bypass-waf are comparing it to the libraries listed below
Sorting:
- Script to check Azure Front Door WAF for insecure RemoteAddr variable☆27Jul 11, 2025Updated 7 months ago
- pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching☆12Jun 4, 2022Updated 3 years ago
- Collection of offensive tools targeting Microsoft Azure☆10Jun 9, 2022Updated 3 years ago
- Manage the metasploit framework database☆16Nov 8, 2020Updated 5 years ago
- Mimikatz built as a static library.☆12Feb 9, 2022Updated 4 years ago
- ☆10Jan 30, 2022Updated 4 years ago
- Automagically decode DNS Exfiltration queries to convert Blind RCE into proper RCE via Burp Collaborator☆20Jan 7, 2026Updated 2 months ago
- Maintaining account persistence via XSS and Oauth☆77Jan 7, 2019Updated 7 years ago
- Terminate the eventlog thread to disable the windows eventlog☆21Apr 1, 2020Updated 5 years ago
- Simple scapy-based tool to hijack and reset existing TCP connections☆23Apr 12, 2013Updated 12 years ago
- The Data Analysis Pipeline☆17Apr 23, 2019Updated 6 years ago
- An OSINT tool to search for accounts by username in social networks.☆19Aug 8, 2022Updated 3 years ago
- A regular expression fuzzer.☆45Mar 13, 2018Updated 7 years ago
- go-nmap is a golang library to run nmap scans, parse scan results.☆20Dec 6, 2018Updated 7 years ago
- Pipe different tools with google dork Scanner☆56Jun 25, 2020Updated 5 years ago
- Bruteforce DPAPI encrypted MasterKey File from Windows Credentials Manager☆23Jan 4, 2025Updated last year
- ☆19Oct 5, 2020Updated 5 years ago
- ☆27Dec 20, 2022Updated 3 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆70Mar 25, 2022Updated 3 years ago
- Command-line tool to identify useragents that bypasses proxy restrictions☆11Oct 23, 2025Updated 4 months ago
- golang版的dsinff-webspy☆27Dec 14, 2017Updated 8 years ago
- Atlassian Confluence CVE-2021-26084 one-liner mass checker☆30Sep 7, 2021Updated 4 years ago
- XSSMaze is a web service designed to test and improve the performance of security testing tools by providing various cases of XSS vulnera…☆31Updated this week
- Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.☆332Nov 21, 2020Updated 5 years ago
- Offensive Security MISC Annotations and Payloads for Ethical Hackers / Security Researchers☆30Dec 12, 2024Updated last year
- Parse X509 certificates to get the (sub)domains in it.☆28Jun 14, 2018Updated 7 years ago
- Configuration Extractor for BlackCat Ransomware☆31Mar 18, 2022Updated 3 years ago
- Burp Wiener API (Legacy)☆62Dec 1, 2023Updated 2 years ago
- Coalfire GCP RAMP/pak Reference Architecture☆13Feb 5, 2026Updated last month
- Collection of scanner checks missing in Burp☆32Jun 15, 2020Updated 5 years ago
- Capturing audio (.wav) from target using a link☆12Feb 21, 2020Updated 6 years ago
- Web Application Security related tools. Includes backdoors, proof of concepts and tricks☆37Oct 21, 2014Updated 11 years ago
- In-depth Attack Surface Mapping and Asset Discovery☆26Aug 24, 2020Updated 5 years ago
- Default plugins for Jaeles Scanner☆35Nov 5, 2020Updated 5 years ago
- ETS5 Password Recovery Tool is a PoC for CVE-2021-36799☆33Jul 23, 2022Updated 3 years ago
- Open Redirect scanner - (out of date)☆28Nov 27, 2022Updated 3 years ago
- ☆35Mar 19, 2022Updated 3 years ago
- A Burp Extension designed to identify argument injection vulnerabilities.☆122Apr 16, 2019Updated 6 years ago
- Apache Thrift Decoder☆35Dec 7, 2017Updated 8 years ago