Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
---|---|---|---|---|---|---|---|---|---|---|
Whatwaf | 2,508 | 5 months ago | 476 | other | Python | |||||
Detect and bypass web application firewalls and protection systems | ||||||||||
Waf Bypass | 970 | 5 months ago | mit | Python | ||||||
Check your WAF before an attacker does | ||||||||||
Burpsuitehttpsmuggler | 680 | 5 years ago | 1 | agpl-3.0 | Java | |||||
A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques | ||||||||||
Cloudbunny | 342 | 4 months ago | mit | Python | ||||||
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye. | ||||||||||
Bypasswaf | 273 | 6 years ago | 2 | Java | ||||||
Add headers to all Burp requests to bypass some WAF products | ||||||||||
Cerberus | 246 | 4 years ago | 5 | Python | ||||||
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能 | ||||||||||
Waf Bypass Cheat Sheet | 224 | 5 years ago | ||||||||
Another way to bypass WAF Cheat Sheet (draft) | ||||||||||
Abuse Ssl Bypass Waf | 213 | 3 years ago | Python | |||||||
Bypassing WAF by abusing SSL/TLS Ciphers | ||||||||||
Wafpass | 202 | 7 months ago | 2 | mit | Python | |||||
Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF. | ||||||||||
Xorpass | 191 | 2 years ago | gpl-3.0 | Python | ||||||
Encoder to bypass WAF filters using XOR operations. |