mgm-sp / WAF-Payload-Collection
Payloads that can be used for testing web application firewalls
☆45Updated 2 years ago
Alternatives and similar repositories for WAF-Payload-Collection:
Users that are interested in WAF-Payload-Collection are comparing it to the libraries listed below
- Measures the effectiveness of your Web Application Firewall (WAF)☆78Updated last year
- Testing datasets and tools to compare WAF efficacy☆171Updated last month
- A Terraform reproducer for IngressNightmare☆24Updated last month
- Awesome resources about Security in Kubernetes☆42Updated 2 years ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆168Updated 2 months ago
- A recon tool that uses ML to predict subdomains. Then returns those that resolve.☆79Updated last week
- First iteration of ML based Feedback WAF☆58Updated last year
- FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)☆49Updated last week
- Downloads Information from NIST (CVSS), first.org (EPSS), and CISA (Exploited Vulnerabilities) and combines them into one list. Reports f…☆141Updated 2 years ago
- Vulnerability scanner for AWS customer managed policies using ChatGPT☆163Updated 2 years ago
- Damn Vulnerable SCA Application☆32Updated this week
- An extension to use Semgrep inside Burp Suite.☆88Updated last year
- ☆110Updated last year
- AutoSpear☆61Updated last year
- Vulnerable environments paired with ready-to-use Nuclei templates for security testing and learning! 🚀☆85Updated 3 weeks ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆157Updated 5 months ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆86Updated last year
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆157Updated 4 months ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆106Updated 5 months ago
- ☆77Updated 11 months ago
- Chat automates Nuclei template generation☆107Updated last year
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques.☆43Updated 7 months ago
- A fast enumeration tool for publicly exposed Azure Storage blobs.☆93Updated 2 years ago
- WAF bypass PoC☆47Updated last year
- Post-exploit a compromised etcd, gain persistence and remote shell to nodes.☆74Updated 11 months ago
- Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based …☆98Updated last year
- Nuclei templates for K8S security scanning☆101Updated 3 years ago
- Nuclei documentation☆83Updated last year
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆173Updated 6 months ago
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Updated 7 months ago