realad / waf-testingLinks
A lightweight toolkit for testing Web Application Firewall (WAF) effectiveness and identifying security gaps. This repository is available as a template that you can quickly customize for your own WAF testing needs.
☆51Updated 5 months ago
Alternatives and similar repositories for waf-testing
Users that are interested in waf-testing are comparing it to the libraries listed below
Sorting:
- Find CVEs associated to Linux and public exploits on github☆119Updated 5 months ago
- Domain_checker application is the trial/demo version for the new EASM (External Attack Surface Management) system called HydrAttack (hydr…☆189Updated last year
- ☆55Updated last year
- ☆240Updated 8 months ago
- ☆190Updated 5 months ago
- An automated NMAP python script☆48Updated 7 months ago
- ☆67Updated 3 years ago
- Security automation with n8n ideas: 100+ Red/Blue/AppSec workflows, integrations, and ready-to-run playbooks.☆149Updated 2 weeks ago
- List of tools and resources for pentesting Microsoft Active Directory☆100Updated 3 months ago
- 🔍 erroreyes – Lightweight Subdomain Enumeration Tool A Python-based tool that queries crt.sh certificate logs to discover subdomains ass…☆16Updated 5 months ago
- ThreatTracer - A python Script to identify CVE by name & version and more by @FR13ND0x7F☆137Updated 4 months ago
- ☆54Updated 2 weeks ago
- ☆65Updated 2 years ago
- Repository with some necessary information for you to create your PenTest consultancy☆100Updated 8 months ago
- A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud☆128Updated 3 years ago
- MayorSec DNS Enumeration Tool☆88Updated 10 months ago
- SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source c…☆101Updated last month
- ☆78Updated 2 years ago
- A curated list of tools and resources that I use daily as a Purple-Team operator.☆90Updated 4 months ago
- 🔍 LFIer is a powerful and efficient tool for detecting Local File Inclusion (LFI) vulnerabilities in web applications.☆54Updated 9 months ago
- I have created this dashboard to track oscp preparation. I have used several resources and has been mentioned in dashboard. Tjnull's blog…☆13Updated 3 years ago
- A Tool for Bug Bounty Hunters that uses Passive and Active Techniques to fetch URLs as a strong Recon, so you can then create Attack Vect…☆75Updated last year
- autoNTDS is an automation script designed to simplify the process of dumping and cracking NTDS hashes using secretsdump.py and hashcat☆109Updated last year
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆232Updated this week
- ☆94Updated 6 months ago
- AWS, Azure, Alibaba and Google bucket scanner☆156Updated 2 years ago
- ☆73Updated 9 months ago
- Very Vulnerable Management API (VVMA) is a deliberately insecure RESTful API built with Node.js for educational and testing purposes. It …☆63Updated 4 months ago
- An offline Phishing Email Analyzer. Enabling non-techies to analyze phishing emails automatically!☆64Updated last year
- A Go-based utility that processes input through multiple AI models concurrently (OpenAI, Claude, and Gemini) and provides a summarized co…☆86Updated 3 months ago