Project Name	Stars	Most Recent Commit	Open Issues	License	Language
Whatwaf	2,508	5 months ago	476	other	Python
Detect and bypass web application firewalls and protection systems
Waf Bypass	970	5 months ago		mit	Python
Check your WAF before an attacker does
Burpsuitehttpsmuggler	680	5 years ago	1	agpl-3.0	Java
A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Cloudbunny	342	4 months ago		mit	Python
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Bypasswaf	273	6 years ago	2		Java
Add headers to all Burp requests to bypass some WAF products
Cerberus	246	4 years ago	5		Python
一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Waf Bypass Cheat Sheet	224	5 years ago
Another way to bypass WAF Cheat Sheet (draft)
Abuse Ssl Bypass Waf	213	3 years ago			Python
Bypassing WAF by abusing SSL/TLS Ciphers
Wafpass	202	7 months ago	2	mit	Python
Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.
Xorpass	191	2 years ago		gpl-3.0	Python
Encoder to bypass WAF filters using XOR operations.

Alternatives To Pfuzz

Select To Compare

Whatwaf ⭐ 2,508

Detect and bypass web application firewalls and protection systems

most recent commit 5 months ago

Waf Bypass ⭐ 970

Check your WAF before an attacker does

most recent commit 5 months ago

Burpsuitehttpsmuggler ⭐ 680

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

most recent commit 5 years ago

Cloudbunny ⭐ 342

CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.

most recent commit 4 months ago

Bypasswaf ⭐ 273

Add headers to all Burp requests to bypass some WAF products

most recent commit 6 years ago

Cerberus ⭐ 246

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产 bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQ XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

most recent commit 4 years ago

Waf Bypass Cheat Sheet ⭐ 224

Another way to bypass WAF Cheat Sheet (draft)

most recent commit 5 years ago

Abuse Ssl Bypass Waf ⭐ 213

Bypassing WAF by abusing SSL/TLS Ciphers

most recent commit 3 years ago

Wafpass ⭐ 202

Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

most recent commit 7 months ago

Xorpass ⭐ 191

Encoder to bypass WAF filters using XOR operations.

most recent commit 2 years ago

Suggest An Alternative To pFuzz

Alternative Project Comparisons

Pfuzz vs Whatwaf

Pfuzz vs Waf Bypass

Pfuzz vs Burpsuitehttpsmuggler

Pfuzz vs Cloudbunny

Pfuzz vs Bypasswaf

Pfuzz vs Cerberus

Pfuzz vs Waf Bypass Cheat Sheet

Pfuzz vs Abuse Ssl Bypass Waf

Pfuzz vs Wafpass

Pfuzz vs Xorpass

Popular Bypass Projects

Payloadsallthethings ⭐ 55,999

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

most recent commit 2 months ago

V2ray Core ⭐ 44,306

A platform for building proxies to bypass network restrictions.

dependent packages 41total releases 4latest release June 03, 2019most recent commit 4 months ago

Bypass Paywalls Chrome ⭐ 42,384

Bypass Paywalls web browser extension for Chrome and Firefox.

most recent commit 7 months ago

Xx Net ⭐ 32,389

A proxy tool to bypass GFW.

most recent commit 4 months ago

V2ray Core ⭐ 26,621

A platform for building proxies to bypass network restrictions.

dependent packages 31total releases 201latest release June 12, 2022most recent commit 4 months ago

Popular Web Application Firewall Projects

Safeline ⭐ 7,795

一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术，作为反向代理接入，保护你的网站不受黑客攻击。

most recent commit 4 months ago

Modsecurity ⭐ 7,187

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.

total releases 3latest release April 25, 2020most recent commit 4 months ago

Awesome Waf ⭐ 5,899

🔥 Web-application firewalls (WAFs) from security standpoint.

most recent commit 10 months ago

Wafw00f ⭐ 4,924

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

total releases 10latest release July 17, 2022most recent commit 2 months ago

Naxsi ⭐ 4,739

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX

most recent commit 6 months ago

Popular Security Categories

Get A Weekly Email With Trending Projects For These Categories

No Spam. Unsubscribe easily at any time.

Python

Bypass

Web Application Firewall

Privacy | About | Terms | Follow Us On Twitter

Downloads, Dependent Repos, Dependent Packages, Total Releases, Latest Releases data powered by Libraries.io.