realad / waf-testingLinks
A lightweight toolkit for testing Web Application Firewall (WAF) effectiveness and identifying security gaps. This repository is available as a template that you can quickly customize for your own WAF testing needs.
☆56Updated 9 months ago
Alternatives and similar repositories for waf-testing
Users that are interested in waf-testing are comparing it to the libraries listed below
Sorting:
- Find CVEs associated to Linux and public exploits on github☆119Updated 9 months ago
- Domain_checker application is the trial/demo version for the new EASM (External Attack Surface Management) system called HydrAttack (hydr…☆189Updated last year
- ☆55Updated last year
- SubSnipe is a tool designed to help find subdomains that are vulnerable to takeover.☆131Updated last year
- ☆195Updated 9 months ago
- ☆68Updated 3 years ago
- Dredging up secrets from the depths of the file system☆132Updated last year
- ☆244Updated last year
- ThreatTracer - A python Script to identify CVE by name & version and more by @FR13ND0x7F☆138Updated 8 months ago
- Derrick is an advanced data leak scanning and CVE vulnerability analysis tool, designed for cybersecurity researchers and digital defense…☆32Updated 11 months ago
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆331Updated 3 months ago
- Repository with some necessary information for you to create your PenTest consultancy☆101Updated last year
- CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based t…☆131Updated last year
- AWS, Azure, Alibaba and Google bucket scanner☆173Updated 2 years ago
- A fully automated subdomain reconnaissance and sensitive data discovery toolkit.☆47Updated 7 months ago
- hauditor is a tool designed to analyze the security headers returned by a web page.☆176Updated last year
- SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source c…☆108Updated 5 months ago
- 🔍 LFIer is a powerful and efficient tool for detecting Local File Inclusion (LFI) vulnerabilities in web applications.☆55Updated last year
- List of tools and resources for pentesting Microsoft Active Directory☆114Updated 7 months ago
- APIsec|SCAN - Free API security testing using Github actions☆103Updated last year
- I have created this dashboard to track oscp preparation. I have used several resources and has been mentioned in dashboard. Tjnull's blog…☆13Updated 3 years ago
- gRPC Goat is a "Vulnerable by Design" lab created to provide an interactive, hands-on playground for learning and practicing gRPC securit…☆50Updated 4 months ago
- AWS IAM Username Enumerator and Password Spraying Tool in Python3☆87Updated last month
- Very Vulnerable Management API (VVMA) is a deliberately insecure RESTful API built with Node.js for educational and testing purposes. It …☆68Updated 8 months ago
- A Go-based utility that processes input through multiple AI models concurrently (OpenAI, Claude, and Gemini) and provides a summarized co…☆89Updated 7 months ago
- PAYGoat is a banking application built for educational purposes, focused on exploring and understanding common business logic flaws in fi…☆185Updated last month
- ☆65Updated 2 years ago
- A New Approach to Directory Bruteforce with WaybackLister v1.0☆225Updated 5 months ago
- A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud☆141Updated 3 years ago
- Postman OSINT tool to extract creds, token, username, email & more from Postman Public Workspaces☆163Updated 9 months ago