Xyntax / waf-bypassLinks
☆60Updated 6 years ago
Alternatives and similar repositories for waf-bypass
Users that are interested in waf-bypass are comparing it to the libraries listed below
Sorting:
- Practice hacking JWT tokens☆115Updated 2 years ago
- List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.☆82Updated 7 years ago
- Tool is to check for Cache Deception Attack Both For Authenticated and UnAuthenticated Pages☆44Updated 3 years ago
- A Web-UI for subdomain enumeration (subfinder)☆54Updated 5 years ago
- ☆127Updated 3 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆109Updated 3 years ago
- Exploits developed by Mikael Kall☆47Updated 2 years ago
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆47Updated 4 years ago
- Burp Bounty profiles☆83Updated 3 years ago
- JSONPath extension for BurpSuite☆31Updated last year
- #BugBounty #BugBounty Tools #WebDeveloper Tool☆38Updated 2 months ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆91Updated 5 years ago
- Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database☆107Updated 5 years ago
- Authenticated SSRF in Grafana☆82Updated last year
- Fuzzing for LFI using Burpsuite☆63Updated 8 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆54Updated 3 years ago
- Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab W…☆110Updated 6 years ago
- ☆50Updated 5 years ago
- Spring Boot Actuator (jolokia) XXE/RCE☆22Updated 6 years ago
- RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer☆56Updated 5 years ago
- Gopher Tomcat Deployer☆48Updated 6 years ago
- Public Disclosures☆91Updated 3 years ago
- Primefaces <= 5.2.21, 5.3.8 or 6.0 - Remote Code Execution Exploit☆91Updated last year
- This Burp Suite extension allows you to customize header with put a new header into HTTP REQUEST BurpSuite (Scanner, Intruder, Repeater, …☆53Updated 2 years ago
- Here you can get full exploit for SAP NetWeaver AS JAVA☆76Updated 7 years ago
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path☆103Updated 5 years ago
- A Burp extension for generic extraction and reuse of data within HTTP requests and responses.☆94Updated 3 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆65Updated 4 years ago
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆63Updated 5 years ago
- Wordlist to get files/ folders listed by the app that may expose passwords, sensitive file or folders☆22Updated 5 years ago