evilwaf is a penetration testing tool designed to detect and bypass common Web Application Firewalls (WAFs).
☆740Mar 22, 2026Updated 3 weeks ago
Alternatives and similar repositories for evilwaf
Users that are interested in evilwaf are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Another BYOVD process killer. works on CrowdStrike. fully signed.☆150Apr 5, 2026Updated last week
- Native C++ access to Active Directory over ADWS, no .NET, no WCF, no HTTP stack.☆61Mar 27, 2026Updated 2 weeks ago
- Deep Packet Inspection • Traffic Forensics • Network Threat Detection☆52Feb 20, 2026Updated last month
- Grab form parameters easily☆14Dec 11, 2024Updated last year
- PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll.☆72Oct 22, 2025Updated 5 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- ☆15Apr 17, 2025Updated 11 months ago
- ☆11May 25, 2024Updated last year
- A python-based vulnerability scanner designed to identify open redirect flaws in website applications.☆24Mar 15, 2026Updated 3 weeks ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆86Jan 26, 2026Updated 2 months ago
- Scan websites for exposed Supabase JWTs, enumerate accessible tables, and detect sensitive data exposure automatically.☆124Dec 29, 2025Updated 3 months ago
- URILoot is a browser extension designed for Bug Bounty Hunters and Pentesters. Makes fetching uris easy from various sources.☆61Feb 15, 2026Updated last month
- ☆177Mar 16, 2026Updated 3 weeks ago
- A Ligolo-ng JavaScript agent working inside Chrome & Chromium-based browsers by leveraging Isolated Web Applications.☆115Mar 30, 2026Updated last week
- A lightweight Command and Control (C2) framework built for offensive security research and red teaming (Post Exploitation).☆68Dec 17, 2025Updated 3 months ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Slide deck for DEF CON 30 - Read Team Village - Offensive Wireless Security presentation☆13Aug 16, 2022Updated 3 years ago
- Generate DLL proxy/sideload projects. Automatically parses PE export tables and generates ready-to-compile project for red team engagemen…☆138Mar 8, 2026Updated last month
- Burp Suite Extension useful to inspect UPnP security☆16Nov 9, 2021Updated 4 years ago
- best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect☆1,550Dec 7, 2025Updated 4 months ago
- Azure apim mini proxy☆55Feb 16, 2026Updated last month
- Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…☆166Oct 21, 2025Updated 5 months ago
- Subdomain Enumerator and Simple Crawler☆357Feb 12, 2026Updated 2 months ago
- AI-powered ffuf wrapper☆711Dec 4, 2025Updated 4 months ago
- AV/EDR processes termination by exploiting a vulnerable driver (BYOVD)☆268Jan 21, 2026Updated 2 months ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…☆94Jan 14, 2026Updated 2 months ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- 🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast…☆1,578Mar 16, 2026Updated 3 weeks ago
- Fileless C2 agent written in pure x64 Assembly for Linux. Features stealth ICMP tunneling, memory-only execution via memfd_create, and te…☆108Updated this week
- Kibana app for RedELK☆18Mar 19, 2023Updated 3 years ago
- Hacking Hotspots: Pre-Auth Remote Code Execution, Arbitrary SMS & Adjacent Attacks on 5G & 4G/LTE Routers☆98Sep 10, 2025Updated 7 months ago
- Repository focused on advanced Red Team tools and techniques, mainly created with C. It contains projects I have created to understand ma…☆21Mar 23, 2026Updated 2 weeks ago
- A lightweight Python HTTP server with fuzzy filename matching and automatic fallback to directory listing.☆13Aug 28, 2025Updated 7 months ago
- Nuclei templates for source code analysis. Detects hardcoded secrets, config leaks, debug endpoints. Also helps identify OWASP Top 10 iss…☆83Jun 11, 2025Updated 10 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Automated Cloud Misconfiguration Testing☆25Jun 20, 2025Updated 9 months ago
- CVE-2025-6218 is a directory traversal vulnerability in WinRAR that allows an attacker to place files outside the intended extraction dir…☆16Jul 10, 2025Updated 9 months ago
- C2-agnostic BOF collection, categorized by attack chain phase. Designed to be small and modular, allowing for quick execution and automat…☆285Updated this week
- Red Team Scaner☆58Mar 28, 2026Updated 2 weeks ago
- Find S3 AWS/GCP/Azure buckets while surfing. S3DNS acts as DNS server, follows CNAMEs and matches any bucket pattern☆129Mar 30, 2026Updated last week
- PowerShell tool for auditing Microsoft Entra ID Conditional Access policies and MFA compliance☆44Aug 2, 2025Updated 8 months ago
- Detection for CVE-2025-61882 & CVE-2025-61884☆36Oct 14, 2025Updated 5 months ago