ammarion / waf-detectorLinks
π‘οΈ High-performance WAF & CDN detection tool with effectiveness testing suite. Identify protection layers (Cloudflare, Akamai, AWS) and validate security rules with active evasion payloads. Built in Rust π¦.
β106Updated this week
Alternatives and similar repositories for waf-detector
Users that are interested in waf-detector are comparing it to the libraries listed below
Sorting:
- YES3 Scanner: S3 Security Scanner for Access and Ransomware Protectionβ101Updated 3 weeks ago
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessmentsβ141Updated last year
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where wβ¦β113Updated last year
- PoC shadow SaaS and insecure credential detection system using a browser extension.β41Updated 2 months ago
- Security tool against dependency typosquatting attacksβ54Updated this week
- AWS honey token managerβ89Updated last year
- Create honeypots for cloud environmentsβ109Updated 3 months ago
- Generate datasets of cloud audit logs for common attacksβ232Updated 3 weeks ago
- AuditKit - Multi-Cloud Compliance Scanner & Evidence Collectionβ243Updated last week
- β52Updated last year
- AWS Attack Path Scanner - Discover privilege escalation paths across 10+ AWS servicesβ133Updated 2 months ago
- Tool for obfuscating and deobfuscating data.β75Updated last year
- β75Updated 10 months ago
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context Pβ¦β137Updated 7 months ago
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for preβ¦β51Updated last year
- cloudgrep is grep for cloud storageβ326Updated 11 months ago
- A tool to uncover undocumented APIs from the AWS Console.β116Updated 9 months ago
- β192Updated 9 months ago
- Semgrep-based Policy Controller for Kubernetesβ47Updated 10 months ago
- β30Updated 3 weeks ago
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.β107Updated 2 years ago
- β23Updated 11 months ago
- When good OAuth apps go rogue. Documents observed OAuth application tradecraftβ84Updated last month
- CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-knownβ¦β265Updated 2 months ago
- Putting a leash on naughty AWS permissionsβ134Updated 5 months ago
- Feed it a number. Your cloned voice does the social engineering, while you sip your coffee. A ghost that talks on the phone for you.β109Updated 8 months ago
- Unauthenticated enumeration of AWS IAM Roles.β26Updated 4 months ago
- β169Updated 4 months ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.β60Updated last year
- Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. Clβ¦β173Updated last year