Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.
☆223Oct 16, 2023Updated 2 years ago
Alternatives and similar repositories for wafpass
Users that are interested in wafpass are comparing it to the libraries listed below
Sorting:
- WAFNinja is a tool which contains two functions to attack Web Application Firewalls.☆822Dec 6, 2017Updated 8 years ago
- Automatic bypass (brute force) waf☆994Mar 9, 2022Updated 3 years ago
- WEB SERVICE SECURITY ASSESSMENT TOOL☆390Sep 24, 2021Updated 4 years ago
- Tools for auditing WAFS☆464Nov 24, 2020Updated 5 years ago
- acunetix☆62Mar 27, 2020Updated 5 years ago
- F-Scrack is a single file bruteforcer supports multi-protocol☆310Sep 5, 2017Updated 8 years ago
- A Ruby framework designed to aid in the penetration testing of WordPress systems.☆1,043Nov 24, 2019Updated 6 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆104Jun 1, 2018Updated 7 years ago
- A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.☆43May 1, 2020Updated 5 years ago
- An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically☆496Sep 21, 2021Updated 4 years ago
- WhichCDN allows to detect if a given website is protected by a Content Delivery Network☆150May 5, 2017Updated 8 years ago
- ☆139Jul 13, 2017Updated 8 years ago
- An open source XSS vulnerability scanner.☆61Nov 22, 2018Updated 7 years ago
- PoC code for crashing windows active directory☆35Sep 19, 2018Updated 7 years ago
- Burp plugin to do random fuzzing of HTTP requests☆33Jan 31, 2017Updated 9 years ago
- Source Code Intelligence☆30Aug 21, 2017Updated 8 years ago
- 用于扫描git,svn泄露☆78Jul 29, 2015Updated 10 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- ☆332Jan 8, 2018Updated 8 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆83Sep 19, 2017Updated 8 years ago
- wiki.wooyun.org的部分快照网页☆80Oct 19, 2016Updated 9 years ago
- ☆613Oct 4, 2024Updated last year
- Simple script to automate brutforcing blind sql injection vulnerabilities☆50Jul 16, 2017Updated 8 years ago
- WAF Exploitation Framework☆13Aug 25, 2023Updated 2 years ago
- This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is f…☆160Dec 9, 2021Updated 4 years ago
- The Inspector tool is a privilege escalation helper (PoC), easy to deployed on web server, this tool can list process running with root, …☆122Oct 2, 2018Updated 7 years ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆629Feb 5, 2019Updated 7 years ago
- Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem☆667Feb 25, 2021Updated 5 years ago
- Allows you to trace where inputs are reflected back to the user.☆37Oct 12, 2017Updated 8 years ago
- OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. It fosters a principle of attack the web usin…☆163Jan 21, 2021Updated 5 years ago
- Next Generation Firewall Audit and Bypass Tool☆266Apr 24, 2017Updated 8 years ago
- ☆64Sep 5, 2017Updated 8 years ago
- ☆14May 13, 2018Updated 7 years ago
- WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr …☆491Oct 3, 2024Updated last year
- Fingerprints servers, finds exploits, scans WebDAV. May or may not also make coffee.☆123Jul 9, 2019Updated 6 years ago
- a passive scanner based on Mitmproxy and Arachni☆108Aug 17, 2017Updated 8 years ago
- WAF Research☆183Jun 22, 2022Updated 3 years ago
- Feigong,针对各种情况自由变化的mysql注入脚本,In view of the different things freely change the mysql injection script☆107Jan 24, 2017Updated 9 years ago
- A DNS tunnel utilizing the Burp Collaborator☆103Oct 8, 2019Updated 6 years ago