realad / waf-testingLinks
A lightweight toolkit for testing Web Application Firewall (WAF) effectiveness and identifying security gaps. This repository is available as a template that you can quickly customize for your own WAF testing needs.
☆46Updated last month
Alternatives and similar repositories for waf-testing
Users that are interested in waf-testing are comparing it to the libraries listed below
Sorting:
- A Go-based utility that processes input through multiple AI models concurrently (OpenAI, Claude, and Gemini) and provides a summarized co…☆61Updated last month
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆100Updated 2 weeks ago
- ☆55Updated last year
- MayorSec DNS Enumeration Tool☆87Updated 6 months ago
- Find CVEs associated to Linux and public exploits on github☆117Updated last month
- ☆66Updated 3 years ago
- Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSR…☆122Updated 9 months ago
- ☆46Updated 3 months ago
- ☆26Updated 2 years ago
- SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source c…☆96Updated last month
- A Tool for Bug Bounty Hunters that uses Passive and Active Techniques to fetch URLs as a strong Recon, so you can then create Attack Vect…☆75Updated 9 months ago
- Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unw…☆91Updated 9 months ago
- 🔍 erroreyes – Lightweight Subdomain Enumeration Tool A Python-based tool that queries crt.sh certificate logs to discover subdomains ass…☆15Updated 3 weeks ago
- Cloud subdomains identification tool☆58Updated last month
- List of tools and resources for pentesting Microsoft Active Directory☆72Updated last week
- ☆107Updated 2 years ago
- ☆62Updated this week
- ☆93Updated 2 months ago
- A New Approach to Directory Bruteforce with WaybackLister v1.0☆101Updated 2 weeks ago
- ☆64Updated 2 years ago
- I have created this dashboard to track oscp preparation. I have used several resources and has been mentioned in dashboard. Tjnull's blog…☆12Updated 2 years ago
- AWS IAM Username Enumerator and Password Spraying Tool in Python3☆82Updated last month
- Discovering Typo Squatting on your domains!☆70Updated 10 months ago
- 🔍 LFIer is a powerful and efficient tool for detecting Local File Inclusion (LFI) vulnerabilities in web applications.☆53Updated 5 months ago
- Bug Bounty Web and API Payloads☆35Updated 7 months ago
- 🚀 ORedirectMe is a robust and efficient tool designed to detect Open Redirect vulnerabilities in web applications.☆17Updated 5 months ago
- This repository contains my writeups for the labs in PortSwigger's Web Security Academy platform. Each lab writeup includes the lab's nam…☆94Updated last month
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆123Updated 2 years ago
- Automate Scoping, OSINT and Recon assessments.☆95Updated 4 months ago
- OSCP preparation tools, scripts and cheatsheets☆57Updated 2 years ago