davidson679 / Bypass-Web-Application-Firewalls
Bypassing-Web-Application-Firewalls-And-XSS-Filters A series of python scripts for generating weird character combinations and lists for BurpSuite Pro for bypassing web application firewalls (WAF) and XSS filters. These python scripts have been created to fuzz wierd combinations: URL Escape Characters HTML Escape Characters Binary …
☆142Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for Bypass-Web-Application-Firewalls
- Burp Suite extension to discover assets from HTTP response.☆219Updated 3 years ago
- Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab W…☆109Updated 5 years ago
- A collection of scripts to extend Burp Suite☆139Updated 5 years ago
- Jsdir is a Burp Suite extension that extracts hidden paths from js files and beautifies it for further reading.☆114Updated 4 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆137Updated 5 years ago
- XSS Hunter Burp Plugin☆148Updated 6 years ago
- List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.☆81Updated 6 years ago
- jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.☆149Updated 3 years ago
- CVE-2017-9506 - SSRF☆187Updated 2 years ago
- A Burp Extension designed to identify argument injection vulnerabilities.☆118Updated 5 years ago
- Scan Victim Backup Directories & Backup Files☆178Updated last year
- ☆127Updated 6 years ago
- Java serialization brute force attack tool.☆124Updated 7 years ago
- Everything you need about Burp Extension Generation☆152Updated last year
- Simple Server Side Request Forgery services enumeration tool.☆54Updated 6 years ago
- Recursive DNS Subdomain Enumerator with dead-end avoidance system (BETA)☆142Updated 3 years ago
- Proof of concept for CVE-2020-5902☆72Updated 4 years ago
- Facebook Bug Bounties☆101Updated 3 years ago
- Fuzzing for LFI using Burpsuite☆59Updated 8 years ago
- Atlassian JIRA Template injection vulnerability RCE☆93Updated 5 years ago
- HTTP parameter discovery suite.☆94Updated 4 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This …☆60Updated 2 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆172Updated 4 years ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆86Updated 5 years ago
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆212Updated last month
- A tool to find sensitive keys and passwords in Travis logs☆142Updated 3 years ago
- subdomain bruteforce list☆98Updated last month