Alternatives and similar repositories for what-the-waf:

Users that are interested in what-the-waf are comparing it to the libraries listed below

• AceRockson / WAFFLE
  Web Application Firewall For Limited Exploitation
  ☆17Updated 7 years ago
• DamonMohammadbagher / NativePayload_ICMP
  C# code for Transferring Backdoor Payloads by ICMPv4 Traffic and bypassing Anti-Viruses
  ☆29Updated last year
• 1337g / CVE-2017-10271
  CVE-2017-10271 WEBLOGIC RCE (TESTED)
  ☆38Updated 7 years ago
• augustd / burp-suite-token-fetcher
  Burp Extender to add unique form tokens to scanner requests.
  ☆14Updated 3 months ago
• floyd-fuh / burp-HttpFuzzer
  Burp plugin to do random fuzzing of HTTP requests
  ☆33Updated 8 years ago
• Z3R0th-13 / Profit
  Simple PowerShell enumeration script to look for interesting files
  ☆10Updated 5 years ago
• nccgroup / dotnetpaddingoracle
  Python Implementation of a .NET Padding Oracle Assessment Tool
  ☆30Updated 9 years ago
• drk1wi / HeaderScan
  "HeaderScan" Burp Plugin
  ☆16Updated 10 years ago
• ParsingTeam / ppsx-file-generator
  CVE-2017-8570 Exploit
  ☆21Updated 7 years ago
• nccgroup / scenester
  A tool to visually snapshot a website by supplying multiple user-agent. Designed to aid in discovery of different entry points into an ap…
  ☆31Updated 8 years ago
• edermi / go-tomcat-mgmt-scanner
  A simple scanner to find and brute force tomcat manager logins
  ☆28Updated 5 years ago
• woanware / application-restriction-bypasses
  A set of compiled application restriction bypasses
  ☆29Updated 7 years ago
• homjxi0e / PoC-ActiveX
  PoC ActiveX SVG Document Execution
  ☆21Updated 6 years ago
• silentsignal / burp-collab-gw
  Simple socket-based gateway to the Burp Collaborator
  ☆33Updated 8 years ago
• khr0x40sh / PowerW0rm
  ☆15Updated 9 years ago
• rvrsh3ll / POSH-Commander
  Invoke remote powershell scripts in memory of compromised hosts.
  ☆10Updated 10 years ago
• preempt / rdpy
  Remote Desktop Protocol in Twisted Python
  ☆26Updated 6 years ago
• alienwithin / 0x88
  0x88 exploit pack Decoded
  ☆28Updated 10 years ago
• tomekr / BurpFlashCSRFBuilder
  Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients
  ☆14Updated 11 years ago
• silentsignal / ActiveScan3Plus
  Modified version of ActiveScan++ Burp Suite extension
  ☆31Updated 8 years ago
• DanMcInerney / Autobloodhound
  Automatically parses and attacks BloodHound-generated graphs
  ☆41Updated 6 years ago
• B34MR / rc4Gen
  Generates a MSF Reverse TCP RC4 payload encoded in Powershell to the clipboard
  ☆9Updated 8 years ago
• MostafaSoliman / CVE-2017-6079-Blind-Command-Injection-In-Edgewater-Edgemarc-Devices-Exploit
  ☆18Updated 6 years ago
• milo2012 / burpSQL
  Automating SQL injection using Burp Proxy Logs and SQLMap
  ☆27Updated 12 years ago
• breenmachine / various
  ☆20Updated last year
• 0ang3el / Hibernate-Injection-Study
  Study about HQL injection exploitation.
  ☆51Updated 8 years ago
• infobyte / isr-sqlget
  ISR-sqlget It's a blind SQL injection tool developed in Perl.
  ☆14Updated 11 years ago
• DiabloHorn / DiabloHorn
  Projects and POCs
  ☆59Updated 10 years ago
• thomaspatzke / Burp-SessionAuthTool
  Burp plugin which supports in finding privilege escalation vulnerabilities
  ☆40Updated 2 years ago
• jm33-m0 / CVE-2018-7750
  an RCE (remote command execution) approach of CVE-2018-7750
  ☆21Updated 6 years ago