codewatchorg / bypasswafLinks
Add headers to all Burp requests to bypass some WAF products
☆330Updated 7 years ago
Alternatives and similar repositories for bypasswaf
Users that are interested in bypasswaf are comparing it to the libraries listed below
Sorting:
- SHELLING - a comprehensive OS command injection payload generator☆445Updated 5 years ago
- Content hijacking proof-of-concept using Flash, PDF and Silverlight☆384Updated 6 years ago
- St2-057 Poc Example☆312Updated 6 years ago
- (Deprecated) HQLmap, Automatic tool to exploit HQL injections☆230Updated 5 years ago
- ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)☆291Updated 2 years ago
- A collection of curated Java Deserialization Exploits☆593Updated 4 years ago
- J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…☆661Updated last year
- SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.☆431Updated last year
- WSDL Parser extension for Burp☆252Updated 6 years ago
- Takes a URL and checks the system for the tilde enum vuln and then find the files.☆171Updated 6 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆576Updated 3 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆369Updated 3 years ago
- Central Repo for Burp extensions☆151Updated 3 years ago
- YSOSERIAL Integration with burp suite☆165Updated 2 years ago
- ☆231Updated 9 years ago
- some pentest scripts & tools by yaseng@uauc.net☆148Updated 5 years ago
- CMS Exploit Framework☆193Updated 10 years ago
- Acunetix 0day RCE☆192Updated 9 years ago
- fixed msf module for cve-2017-7269☆135Updated 8 years ago
- Java deserialization exploitation lab.☆235Updated 6 years ago
- A tool that checks and downloads scripts that will aid with privilege escalation on a Windows system.☆170Updated 9 years ago
- Web Fuzzing Discovery and Attack Pattern Database☆114Updated 7 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆521Updated 4 years ago
- From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras☆425Updated 5 years ago
- Create a TCP circuit through validly formed HTTP requests☆347Updated 8 years ago
- Mogwai Java Management Extensions (JMX) Exploitation Toolkit☆173Updated 8 years ago
- Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).☆507Updated 3 years ago
- Bash script that tests if a system is Winshock (MS14-066) vulnerable☆100Updated 10 years ago
- Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (…☆314Updated 6 years ago
- A web-application vulnerability scanner☆117Updated 4 years ago