realad / waf-testingLinks
A lightweight toolkit for testing Web Application Firewall (WAF) effectiveness and identifying security gaps. This repository is available as a template that you can quickly customize for your own WAF testing needs.
☆48Updated 2 months ago
Alternatives and similar repositories for waf-testing
Users that are interested in waf-testing are comparing it to the libraries listed below
Sorting:
- Find CVEs associated to Linux and public exploits on github☆118Updated 2 months ago
- ☆55Updated last year
- Derrick is an advanced data leak scanning and CVE vulnerability analysis tool, designed for cybersecurity researchers and digital defense…☆31Updated 3 months ago
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆105Updated last month
- A Tool for Bug Bounty Hunters that uses Passive and Active Techniques to fetch URLs as a strong Recon, so you can then create Attack Vect…☆75Updated 9 months ago
- 🔍 LFIer is a powerful and efficient tool for detecting Local File Inclusion (LFI) vulnerabilities in web applications.☆53Updated 6 months ago
- SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source c…☆99Updated 2 months ago
- ☆64Updated 2 years ago
- A Go-based utility that processes input through multiple AI models concurrently (OpenAI, Claude, and Gemini) and provides a summarized co…☆67Updated last week
- ☆94Updated 2 months ago
- ZeroTrace is a powerful ethical hacking tool for anonymization, routing all your system network traffic through the Tor network, making i…☆104Updated last week
- Garudaastra Tool is based on python3 to find cameras around the world☆28Updated last year
- A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud☆121Updated 3 years ago
- AWS IAM Username Enumerator and Password Spraying Tool in Python3☆83Updated 2 months ago
- SubSnipe is a tool designed to help find subdomains that are vulnerable to takeover.☆124Updated 5 months ago
- The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify…☆38Updated 5 months ago
- Dredging up secrets from the depths of the file system☆127Updated 7 months ago
- A repository with informtion related to Cloud Osint☆106Updated 2 months ago
- This repository contains my writeups for the labs in PortSwigger's Web Security Academy platform. Each lab writeup includes the lab's nam…☆96Updated last week
- ☆184Updated 2 months ago
- List of tools and resources for pentesting Microsoft Active Directory☆74Updated 3 weeks ago
- Discovering Typo Squatting on your domains!☆70Updated 10 months ago
- AWS, Azure, Alibaba and Google bucket scanner☆151Updated last year
- Automate Scoping, OSINT and Recon assessments.☆95Updated 4 months ago
- autoNTDS is an automation script designed to simplify the process of dumping and cracking NTDS hashes using secretsdump.py and hashcat☆109Updated last year
- Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSR…☆123Updated 9 months ago
- Cloud subdomains identification tool☆59Updated 2 months ago
- ☆67Updated 3 years ago
- This is an UNOFFICIAL guide and general list of cheatsheets, references, and walkthroughs aligned with the OffSec OSCP exam process☆28Updated last year
- 🔍 erroreyes – Lightweight Subdomain Enumeration Tool A Python-based tool that queries crt.sh certificate logs to discover subdomains ass…☆16Updated last month