Check your WAF before an attacker does
☆1,494Mar 14, 2026Updated 3 months ago
Alternatives and similar repositories for waf-bypass
Users that are interested in waf-bypass are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A simple tool for bypassing file upload restrictions.☆902Jul 22, 2024Updated last year
- An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws☆4,037Oct 4, 2025Updated 8 months ago
- ☆547Jun 26, 2024Updated 2 years ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,569Mar 8, 2026Updated 3 months ago
- 🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast…☆1,802Jun 21, 2026Updated last week
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- 1337 Wordlists for Bug Bounty Hunting☆968Jun 21, 2026Updated last week
- Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules…☆6,133Jul 12, 2024Updated last year
- A python script to scan for Apache Tomcat server vulnerabilities.☆896Jan 12, 2026Updated 5 months ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆386May 19, 2023Updated 3 years ago
- Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥☆7,526Mar 26, 2026Updated 3 months ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆101May 2, 2024Updated 2 years ago
- Detect and bypass web application firewalls and protection systems☆2,905Aug 11, 2024Updated last year
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,521Jan 8, 2026Updated 5 months ago
- A cheat sheet that contains advanced queries for SQL Injection of all types.☆3,235May 13, 2023Updated 3 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomain…☆898May 3, 2023Updated 3 years ago
- NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Re…☆1,851Apr 17, 2026Updated 2 months ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin…☆7,727May 15, 2026Updated last month
- Hidden parameters discovery suite☆2,070Sep 8, 2024Updated last year
- 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.☆5,094Updated this week
- Rockyou for web fuzzing☆3,182Mar 11, 2026Updated 3 months ago
- Automatic SSRF fuzzer and exploitation tool☆3,580Sep 4, 2025Updated 9 months ago
- Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.☆311Jul 15, 2023Updated 2 years ago
- A Security Tool for Bug Bounty, Pentest and Red Teaming.☆4,320Jun 2, 2026Updated 3 weeks ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- This map lists the essential techniques to bypass anti-virus and EDR☆3,285Mar 28, 2025Updated last year
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,849May 22, 2024Updated 2 years ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆377Jul 25, 2023Updated 2 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆1,082Mar 24, 2026Updated 3 months ago
- A simple script just made for self use for bypassing 403☆2,175May 30, 2024Updated 2 years ago
- HTTP parameter discovery suite.☆6,321Feb 20, 2025Updated last year
- A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities …☆2,332Jun 9, 2024Updated 2 years ago
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hac…