Alternatives and similar repositories for WAF-Bypass

Users that are interested in WAF-Bypass are comparing it to the libraries listed below

• SirBugs / endext
  EndExt is a .go tool for extracting all the possible endpoints from the JS files
  ☆215Updated last year
• nu11pointer / fuzzlists
  A collection of useful lists for Penetration Testing & Bug Bounty - Content Discovery, Payloads, Variables, Sandbox Escaping, etc
  ☆103Updated 5 months ago
• dragonked2 / Dons
  Dons Js Scanner is a sleek command-line tool that hunts for hidden treasures—API keys, credentials, and secrets—lurking in the JavaScript…
  ☆82Updated last month
• bm402 / apidor
  A tool that automates the search for IDOR vulnerabilities in web apps and APIs
  ☆59Updated 4 years ago
• pikpikcu / nodesub
  Nodesub is a command-line tool for finding subdomains in bug bounty programs
  ☆148Updated last year
• schooldropout1337 / nuclei-templates
  ☆167Updated 10 months ago
• schooldropout1337 / lazyegg
  ☆152Updated last year
• CharanRayudu / Custom-Nuclei-Templates
  ☆127Updated 4 years ago
• VictorNS69 / swagger-ui-xss
  Swagger UI >=3.14.1 < 3.38.0 XSS payload
  ☆22Updated last year
• BountySecurity / gbounty
  GBounty is a multi-step website vulnerability scanner developed in Golang designed to help companies, pentesters, and bug hunters identif…
  ☆143Updated 4 months ago
• errorfiathck / IDOR-Forge
  IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…
  ☆167Updated this week
• xhzeem / toxicache
  Go scanner to find web cache poisoning vulnerabilities in a list of URLs
  ☆144Updated last year
• h0tak88r / Sec-88
  Cyber Security Notes, Methodology, Resources and Tips
  ☆180Updated last week
• RevoltSecurities / Dnsbruter
  Dnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently brutef…
  ☆123Updated 8 months ago
• HernanRodriguez1 / SQLi_Sleeps
  ☆121Updated last week
• mmarting / unwaf
  Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unw…
  ☆97Updated last month
• e1abrador / sub.Monitor
  Self-hosted passive subdomain continous monitoring tool.
  ☆166Updated last year
• lucsemassa / burp_bug_finder
  Automatic Bug finder with buprsuite
  ☆165Updated 2 years ago
• i5nipe / nipejs
  Simplify your life with leak detection in JavaScript. NipeJS streamlines the use of regex, making it effortless to uncover potential leak…
  ☆94Updated last year
• cve-sandbox / jquery
  CVE Collection of jQuery XSS Payloads
  ☆71Updated 2 years ago
• Asperis-Security / xssFuzz
  🚀 XSSFUZZ - A tool for detecting XSS vulnerabilities in web applications.
  ☆112Updated 11 months ago
• cyspad / Weaponize-Your-Burp
  Weaponize Your Burp is a repository for automation your Bug Bounty Hunting mindset in Burp Suite
  ☆78Updated 2 years ago
• EmadYaY / 2FA-Bypass-Techniques
  A comprehensive collection of various techniques and methods for bypassing Two-Factor Authentication (2FA) security mechanisms.
  ☆54Updated 7 months ago
• Anof-cyber / ParaForge
  A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
  ☆140Updated 2 years ago
• ch1y0w0 / ParamScan
  ParamScan is a chrome extension for finding reflected parameters in a webpage.
  ☆83Updated 7 months ago
• zapstiko / Bug-Bounty
  Here Are Some Bug Bounty Resource From Twitter
  ☆99Updated 2 months ago
• reewardius / iis-pentest
  ☆74Updated 2 months ago
• anmolksachan / WayBackupFinder
  A passive way to find backups/ sensitive information.
  ☆86Updated last month
• c1phy / sqltimer
  A fast, minimalistic scanner for time-based SQL injection (SQLi) detection – built in Go.
  ☆131Updated 3 months ago
• SeifElsallamy / Blind-XSS-Manager
  Never forget where you inject.
  ☆261Updated 2 weeks ago