waf-bypass-maker/waf-community-bypasses external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

waf-bypass-maker/waf-community-bypasses

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/waf-bypass-maker/waf-community-bypasses)

Close

waf-bypass-maker / waf-community-bypassesView on GitHubMore

• External links
• Readme badge

☆544Jun 26, 2024Updated last year

Alternatives and similar repositories for waf-community-bypasses

Users that are interested in waf-community-bypasses are comparing it to the libraries listed below

• assetnote / nowafpls

  View on GitHub
  Burp Plugin to Bypass WAFs through the insertion of Junk Data
  ☆1,426Jul 14, 2025Updated 7 months ago
• nemesida-waf / waf-bypass

  View on GitHub
  Check your WAF before an attacker does
  ☆1,468Jul 17, 2025Updated 7 months ago
• ayadim / Nuclei-bug-hunter

  View on GitHub
  i will upload more templates here to share with the comunity.
  ☆567Apr 17, 2024Updated last year
• 0xKayala / NucleiFuzzer

  View on GitHub
  NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Re…
  ☆1,823Aug 20, 2025Updated 6 months ago
• hisxo / JSpector

  View on GitHub
  A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
  ☆374Jul 25, 2023Updated 2 years ago
• r0oth3x49 / ghauri

  View on GitHub
  An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
  ☆3,932Oct 4, 2025Updated 5 months ago
• w9w / JSA

  View on GitHub
  Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
  ☆560Mar 8, 2025Updated last year
• Karanxa / Bug-Bounty-Wordlists

  View on GitHub
  A repository that includes all the important wordlists used while bug hunting.
  ☆1,379Mar 11, 2023Updated 2 years ago
• davidenetti / SoftwareSecurityNotes

  View on GitHub
  Exploits with pwntools library in Python3. ROP, BOF, SHELLCODE.
  ☆20Feb 2, 2024Updated 2 years ago
• xm1k3 / cent

  View on GitHub
  Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…
  ☆1,039Aug 23, 2025Updated 6 months ago
• projectdiscovery / alterx

  View on GitHub
  Fast and customizable subdomain wordlist generator using DSL
  ☆929Feb 5, 2026Updated last month
• Az0x7 / vulnerability-Checklist

  View on GitHub
  This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
  ☆3,270Feb 10, 2024Updated 2 years ago
• 0xPugal / fuzz4bounty

  View on GitHub
  1337 Wordlists for Bug Bounty Hunting
  ☆931Updated this week
• Josue87 / gotator

  View on GitHub
  Gotator is a tool to generate DNS wordlists through permutations.
  ☆507Jul 17, 2022Updated 3 years ago
• BishopFox / jsluice

  View on GitHub
  Extract URLs, paths, secrets, and other interesting bits from JavaScript
  ☆1,773May 22, 2024Updated last year
• bitquark / shortscan

  View on GitHub
  An IIS short filename enumeration tool
  ☆1,127Nov 25, 2024Updated last year
• kleiton0x00 / Advanced-SQL-Injection-Cheatsheet

  View on GitHub
  A cheat sheet that contains advanced queries for SQL Injection of all types.
  ☆3,154May 13, 2023Updated 2 years ago
• xnl-h4ck3r / waymore

  View on GitHub
  Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!
  ☆2,552Updated this week
• reddelexc / hackerone-reports

  View on GitHub
  Top disclosed reports from HackerOne
  ☆5,358Feb 28, 2026Updated last week
• six2dez / OneListForAll

  View on GitHub
  Rockyou for web fuzzing
  ☆3,033Feb 11, 2026Updated 3 weeks ago
• musana / fuzzuli

  View on GitHub
  fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
  ☆936Aug 24, 2023Updated 2 years ago
• topscoder / nuclei-wordfence-cve

  View on GitHub
  60k+ WordPress Nuclei templates, updated daily from Wordfence intel—filter by severity/tags/CVE and scan in one line. 🚀🔒
  ☆1,210Updated this week
• xnl-h4ck3r / GAP-Burp-Extension

  View on GitHub
  Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
  ☆1,500Jan 8, 2026Updated 2 months ago
• sAjibuu / Upload_Bypass

  View on GitHub
  A simple tool for bypassing file upload restrictions.
  ☆893Jul 22, 2024Updated last year
• xnl-h4ck3r / urless

  View on GitHub
  De-clutter a list of URLs
  ☆385Feb 3, 2026Updated last month
• brinhosa / apidetector

  View on GitHub
  APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and …
  ☆365Mar 28, 2025Updated 11 months ago
• xnl-h4ck3r / xnLinkFinder

  View on GitHub
  A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets
  ☆1,530Updated this week
• LucasPDiniz / 403-Bypass

  View on GitHub
  Bypass 403 pages
  ☆130Jun 30, 2024Updated last year
• devploit / nomore403

  View on GitHub
  🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast…
  ☆1,546Updated this week
• BugBountyzip / Bambdas

  View on GitHub
  ☆139Nov 9, 2024Updated last year
• BishopFox / sj

  View on GitHub
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆721Feb 28, 2026Updated last week
• daffainfo / AllAboutBugBounty

  View on GitHub
  All about bug bounty (bypasses, payloads, and etc)
  ☆6,658Sep 8, 2023Updated 2 years ago
• edoardottt / missing-cve-nuclei-templates

  View on GitHub
  Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…
  ☆426Mar 2, 2026Updated last week
• Sh1Yo / x8

  View on GitHub
  Hidden parameters discovery suite
  ☆2,028Sep 8, 2024Updated last year
• Dheerajmadhukar / 4-ZERO-3

  View on GitHub
  403/401 Bypass Methods + Bash Automation + Your Support ;)
  ☆1,574Jun 6, 2022Updated 3 years ago
• hakluke / hakoriginfinder

  View on GitHub
  Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!
  ☆985Jan 12, 2024Updated 2 years ago
• projectdiscovery / fuzzing-templates

  View on GitHub
  Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
  ☆89May 2, 2024Updated last year
• ifconfig-me / subowner

  View on GitHub
  SubOwner - A Simple tool check for subdomain takeovers.
  ☆116Oct 18, 2024Updated last year
• coffinxp / loxs

  View on GitHub
  best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect
  ☆1,528Dec 7, 2025Updated 3 months ago