A series of python scripts for generating weird character combinations for bypassing web application firewalls (WAF) and XSS blockers
☆279Oct 29, 2018Updated 7 years ago
Alternatives and similar repositories for Bypassing-Web-Application-Firewalls
Users that are interested in Bypassing-Web-Application-Firewalls are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Hand list of Powershell commands frequently used during penetration tests☆15Oct 14, 2018Updated 7 years ago
- Make XSS Great Again☆31Nov 29, 2019Updated 6 years ago
- Notes on Active Directory analysis and exploitation☆11Mar 7, 2019Updated 7 years ago
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆298Jun 10, 2019Updated 6 years ago
- WAFNinja is a tool which contains two functions to attack Web Application Firewalls.☆825Dec 6, 2017Updated 8 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Detect and bypass web application firewalls and protection systems☆2,890Aug 11, 2024Updated last year
- CVE-2018-8021 Proof-Of-Concept and Exploit☆105Dec 3, 2018Updated 7 years ago
- Automatic bypass (brute force) waf☆993Mar 9, 2022Updated 4 years ago
- A collection of curated Java Deserialization Exploits☆592May 16, 2021Updated 5 years ago
- Collection of scripts that aid in penetration testing of JSON Web Tokens☆59Feb 2, 2019Updated 7 years ago
- Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple ac…☆512Apr 22, 2018Updated 8 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,494Oct 12, 2024Updated last year
- A PoC Java Stager which can download, compile, and execute a Java file in memory.☆108Aug 6, 2018Updated 7 years ago
- A collection of pentest and development tips☆1,128May 26, 2022Updated 3 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- DNS-Persist is a post-exploitation agent which uses DNS for command and control.☆209Nov 20, 2017Updated 8 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆519Jul 29, 2020Updated 5 years ago
- Code-Audit-Challenges☆988Nov 17, 2018Updated 7 years ago
- Various tools for managing bug bounty recon and exploration.☆48Dec 8, 2022Updated 3 years ago
- Java-Web-Security - Sichere Webanwendungen mit Java entwickeln☆222Updated this week
- Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.☆222Oct 16, 2023Updated 2 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- Java RMI enumeration and attack tool.☆747Sep 28, 2017Updated 8 years ago
- webshell样本大合集。收集各种webshell用于webshell分析与发现。——www.shellpub.com☆226Mar 22, 2017Updated 9 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- My pentest cheat sheet☆16Apr 27, 2017Updated 9 years ago
- a passive scanner based on Mitmproxy and Arachni☆106Aug 17, 2017Updated 8 years ago
- Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account ha…☆501Aug 7, 2020Updated 5 years ago
- Tool written in python3 to determine where the AV signature is located in a binary/payload☆315Mar 24, 2018Updated 8 years ago
- WEB SERVICE SECURITY ASSESSMENT TOOL☆390Sep 24, 2021Updated 4 years ago
- Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.☆1,926Sep 7, 2020Updated 5 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆741May 4, 2019Updated 7 years ago
- PoC code for crashing windows active directory☆35Sep 19, 2018Updated 7 years ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,744Dec 1, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Collection of social engineering payloads☆299Oct 19, 2017Updated 8 years ago
- Learn how to get a reverse shell from JIRA application server☆24Dec 2, 2018Updated 7 years ago
- RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler☆20Dec 24, 2013Updated 12 years ago
- Another way to bypass WAF Cheat Sheet (draft)☆435Nov 28, 2018Updated 7 years ago
- ☆16Feb 26, 2018Updated 8 years ago
- Super Simple Python Word List Generator for Fuzzing and Brute Forcing in Python☆54Oct 1, 2020Updated 5 years ago
- Information Repository on Various Methods of getting shell access into a Windows machine☆17Feb 11, 2020Updated 6 years ago