Xyntax / waf-bypassLinks
☆60Updated 6 years ago
Alternatives and similar repositories for waf-bypass
Users that are interested in waf-bypass are comparing it to the libraries listed below
Sorting:
- Exploits developed by Mikael Kall☆47Updated 2 years ago
- Practice hacking JWT tokens☆115Updated 2 years ago
- Authenticated SSRF in Grafana☆82Updated last year
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆91Updated 6 years ago
- A Web-UI for subdomain enumeration (subfinder)☆54Updated 5 years ago
- Burp Bounty profiles☆83Updated 3 years ago
- ☆127Updated 3 years ago
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆48Updated 4 years ago
- Public Disclosures☆91Updated 3 years ago
- JSONPath extension for BurpSuite☆31Updated last week
- Tool is to check for Cache Deception Attack Both For Authenticated and UnAuthenticated Pages☆44Updated 3 years ago
- List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.☆82Updated 7 years ago
- #BugBounty #BugBounty Tools #WebDeveloper Tool☆38Updated 3 months ago
- RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer☆56Updated 5 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆109Updated 3 years ago
- This Burp Suite extension allows you to customize header with put a new header into HTTP REQUEST BurpSuite (Scanner, Intruder, Repeater, …☆53Updated 2 years ago
- Fuzzing for LFI using Burpsuite☆64Updated 8 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆54Updated 3 years ago
- Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab W…☆110Updated 6 years ago
- Primefaces <= 5.2.21, 5.3.8 or 6.0 - Remote Code Execution Exploit☆89Updated last year
- Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database☆107Updated 5 years ago
- Wordlist to get files/ folders listed by the app that may expose passwords, sensitive file or folders☆22Updated 5 years ago
- A XSS mind map ;)☆56Updated 9 years ago
- Compiles a list of major CDN and WAF subnets.☆66Updated this week
- Hacking Artifactory with server side template injection☆51Updated 5 years ago
- Spring Boot Actuator (jolokia) XXE/RCE☆23Updated 6 years ago
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path☆103Updated 5 years ago
- IBM Maximo Asset Management is vulnerable to Information Disclosure via XXE Vulnerability (CVE-2020-4463)☆53Updated last year
- CVE-2020-5410 Spring Cloud Config directory traversal vulnerability☆31Updated 5 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆64Updated 4 years ago