mgm-sp / WAF-Payload-CollectionLinks
Payloads that can be used for testing web application firewalls
☆48Updated 2 years ago
Alternatives and similar repositories for WAF-Payload-Collection
Users that are interested in WAF-Payload-Collection are comparing it to the libraries listed below
Sorting:
- Measures the effectiveness of your Web Application Firewall (WAF)☆79Updated last week
- Testing datasets and tools to compare WAF efficacy☆176Updated 2 months ago
- First iteration of ML based Feedback WAF☆59Updated last year
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆169Updated 4 months ago
- A Terraform reproducer for IngressNightmare☆25Updated 2 months ago
- Vulnerability scanner for AWS customer managed policies using ChatGPT☆163Updated 2 years ago
- Downloads Information from NIST (CVSS), first.org (EPSS), and CISA (Exploited Vulnerabilities) and combines them into one list. Reports f…☆142Updated 2 years ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆159Updated 6 months ago
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques.☆43Updated 8 months ago
- Tools for finding SMTP smuggling vulnerabilities.☆128Updated last year
- Curating Falco rules with MITRE ATT&CK Matrix☆80Updated last year
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆108Updated 6 months ago
- ☆77Updated 3 weeks ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆172Updated 7 months ago
- Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based …☆99Updated last year
- Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.☆181Updated last year
- Nuclei documentation☆83Updated last year
- A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representati…☆86Updated last year
- A fast enumeration tool for publicly exposed Azure Storage blobs.☆94Updated 2 years ago
- APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and …☆315Updated 2 months ago
- Secrets scanner that understands code☆142Updated 3 months ago
- Damn Vulnerable SCA Application☆36Updated last month
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆87Updated last year
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆218Updated last month
- A suite for hunting suspicious targets, expose domains and phishing discovery☆359Updated last month
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆105Updated 4 months ago
- A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more.☆139Updated last month
- A recon tool that uses ML to predict subdomains. Then returns those that resolve.☆91Updated last month
- A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabiliti…☆115Updated last year
- Proviesec Fuzz Scanner - dir/path web scanner☆101Updated 5 months ago