PortSwigger / bypass-wafLinks
Add headers to all Burp requests to bypass some WAF products
☆42Updated last year
Alternatives and similar repositories for bypass-waf
Users that are interested in bypass-waf are comparing it to the libraries listed below
Sorting:
- A Python script to parse net blocks & domain names from SPF record☆84Updated 5 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆46Updated 2 years ago
- Hacked together script for feeding urls into Burp's Sitemap☆93Updated 4 months ago
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path☆103Updated 5 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆64Updated 4 years ago
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆63Updated 5 years ago
- SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibil…☆157Updated 5 years ago
- subdomain bruteforce list☆101Updated 10 months ago
- XSSor is a semi-automatic reflected and persistent XSS detector extension for Burp Suite. The tool was written in Python by Barak Tawily,…☆60Updated 4 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This …☆63Updated 3 years ago
- Get all possible href | src | url from target url or domain☆41Updated 5 years ago
- ☆48Updated 4 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆72Updated 4 years ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆91Updated 6 years ago
- Broken Link Hijacking Burp Extension☆57Updated 5 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆109Updated 3 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆157Updated last month
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- Push notifications for passive DNS data☆109Updated 9 years ago
- Generate wordlists for fuzzing API method names☆54Updated 4 years ago
- A python library to automate time-based blind SQL injection☆50Updated 5 years ago
- ☆76Updated 4 years ago
- ☆28Updated 4 months ago
- Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.☆100Updated 2 months ago
- Host Header Injection Checker☆82Updated 3 years ago
- Collection of scripts to test your website against vulnerabilities.☆18Updated last year
- Misc bounty and vulndisc things☆86Updated 4 years ago
- Generates target specific word lists for Fuzzing with fuff☆111Updated 4 years ago
- A collection of scripts to extend Burp Suite☆142Updated 6 years ago
- A really simple utility to concate wordlists to a domain name - to pipe into your favourite resolver!☆88Updated 5 years ago