A series of python scripts for generating weird character combinations for bypassing web application firewalls (WAF) and XSS blockers
☆278Oct 29, 2018Updated 7 years ago
Alternatives and similar repositories for Bypassing-Web-Application-Firewalls
Users that are interested in Bypassing-Web-Application-Firewalls are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Hand list of Powershell commands frequently used during penetration tests☆15Oct 14, 2018Updated 7 years ago
- Make XSS Great Again☆31Nov 29, 2019Updated 6 years ago
- Notes on Active Directory analysis and exploitation☆11Mar 7, 2019Updated 7 years ago
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆298Jun 10, 2019Updated 6 years ago
- WAFNinja is a tool which contains two functions to attack Web Application Firewalls.☆825Dec 6, 2017Updated 8 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Detect and bypass web application firewalls and protection systems☆2,880Aug 11, 2024Updated last year
- CVE-2018-8021 Proof-Of-Concept and Exploit☆106Dec 3, 2018Updated 7 years ago
- Automatic bypass (brute force) waf☆994Mar 9, 2022Updated 4 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- Collection of scripts that aid in penetration testing of JSON Web Tokens☆59Feb 2, 2019Updated 7 years ago
- Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple ac…☆510Apr 22, 2018Updated 7 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- A PoC Java Stager which can download, compile, and execute a Java file in memory.☆108Aug 6, 2018Updated 7 years ago
- A collection of pentest and development tips☆1,127May 26, 2022Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- DNS-Persist is a post-exploitation agent which uses DNS for command and control.☆209Nov 20, 2017Updated 8 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- Code-Audit-Challenges☆991Nov 17, 2018Updated 7 years ago
- Various tools for managing bug bounty recon and exploration.☆48Dec 8, 2022Updated 3 years ago
- Java-Web-Security - Sichere Webanwendungen mit Java entwickeln☆222Mar 16, 2026Updated 2 weeks ago
- Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.☆223Oct 16, 2023Updated 2 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- Java RMI enumeration and attack tool.☆745Sep 28, 2017Updated 8 years ago
- webshell样本大合集。收集各种webshell用于webshell分析与发现。——www.shellpub.com☆224Mar 22, 2017Updated 9 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- My pentest cheat sheet☆16Apr 27, 2017Updated 8 years ago
- a passive scanner based on Mitmproxy and Arachni☆108Aug 17, 2017Updated 8 years ago
- Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account ha…☆501Aug 7, 2020Updated 5 years ago
- Tool written in python3 to determine where the AV signature is located in a binary/payload☆315Mar 24, 2018Updated 8 years ago
- Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.☆1,915Sep 7, 2020Updated 5 years ago
- WEB SERVICE SECURITY ASSESSMENT TOOL☆390Sep 24, 2021Updated 4 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆738May 4, 2019Updated 6 years ago
- PoC code for crashing windows active directory☆35Sep 19, 2018Updated 7 years ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,726Dec 1, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Collection of social engineering payloads☆300Oct 19, 2017Updated 8 years ago
- Learn how to get a reverse shell from JIRA application server☆24Dec 2, 2018Updated 7 years ago
- RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler☆20Dec 24, 2013Updated 12 years ago
- Another way to bypass WAF Cheat Sheet (draft)☆433Nov 28, 2018Updated 7 years ago
- ☆16Feb 26, 2018Updated 8 years ago
- Super Simple Python Word List Generator for Fuzzing and Brute Forcing in Python☆54Oct 1, 2020Updated 5 years ago
- Information Repository on Various Methods of getting shell access into a Windows machine☆17Feb 11, 2020Updated 6 years ago