GitHub topics: waf-bypass

Repositories

ibrahimsql/aether

🛡️ Aether: Revolutionary XSS toolkit combining scanning, smart WAF bypasses, and advanced payload generation. Perfect for modern pentesting and bug bounty hunting.

Language: C# - Size: 198 KB - Last synced at: about 17 hours ago - Pushed at: about 18 hours ago - Stars: 9 - Forks: 1

devploit/nomore403

🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.

Language: Go - Size: 6.89 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 1,237 - Forks: 151

0xInfection/Awesome-WAF

🔥 Web-application firewalls (WAFs) from security standpoint.

Language: Python - Size: 29.1 MB - Last synced at: 1 day ago - Pushed at: 6 months ago - Stars: 6,610 - Forks: 1,090

0xacb/recollapse

REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications

Language: Python - Size: 714 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 1,051 - Forks: 117

blacklanternsecurity/TREVORproxy

A SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses!

Language: Python - Size: 44.9 KB - Last synced at: 6 days ago - Pushed at: about 1 month ago - Stars: 343 - Forks: 51

uzmanwebmaster/real_ip_discover

VULNFIX uncovers real IP addresses behind WAFs like Cloudflare, Akamai, Incapsula, and Sucuri. Using Shodan, Censys, and Zoomeye, it scans for leaks via DNS, SNI, and passive subdomain discovery. Free, community-driven, and ethical—try 3 daily scans or unlimited with registration.

Size: 2.93 KB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 0 - Forks: 0

Van-1337/AutoEASM

Tool for automated scanning of the common vulnerabilities of company subdomains

Language: Python - Size: 2.76 MB - Last synced at: 10 days ago - Pushed at: 11 days ago - Stars: 7 - Forks: 1

ndr-repo/awesome-encoding-escaping

A repository for tools and documentation for learning string encoding & unicode escaping.

Size: 59.6 KB - Last synced at: 10 days ago - Pushed at: 22 days ago - Stars: 0 - Forks: 0

Cyberheroess/Saldiscript

Bypass WAF payload adaptif

Language: Python - Size: 901 KB - Last synced at: 23 days ago - Pushed at: about 1 month ago - Stars: 10 - Forks: 3

Macmod/nsrip

A fast and simple batch DNS resolver for A/AAAA/CNAME records from multiple nameservers.

Language: Go - Size: 13.7 KB - Last synced at: 23 days ago - Pushed at: 6 months ago - Stars: 4 - Forks: 0

zenjahid/XSS-Hunter-Pro

Advanced Cross-Site Scripting (XSS) vulnerability testing framework with WAF bypass, DOM XSS detection, and comprehensive reporting capabilities.

Language: Python - Size: 25.4 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

ImKKingshuk/StealthNewSQL

StealthNewSQL : The Ultimate NewSQL Injection Tool - Your All-in-One Solution for NewSQL Database Security! 🛡️ Uncover, exploit, and secure NewSQL database vulnerabilities with this feature-packed command-line tool. Whether you're a penetration tester, security researcher, or developer, StealthNewSQL equips you with the ultimate power! 💥

Language: Shell - Size: 20.5 KB - Last synced at: 19 days ago - Pushed at: 8 months ago - Stars: 4 - Forks: 4

Vulnpire/sXtract

Fetch IP addresses from Shodan search results.

Language: Go - Size: 76.2 KB - Last synced at: about 2 months ago - Pushed at: 6 months ago - Stars: 1 - Forks: 0

Pyenb/CloudCheck

Checks if a given website, or list of websites, use the cloudflare service or not.

Language: Python - Size: 42 KB - Last synced at: 8 days ago - Pushed at: 11 months ago - Stars: 2 - Forks: 0

Mysteriza/Find-Origin-IP-Behind-WAF

Guide to discovering the origin IP of websites behind WAF.

Size: 16.6 KB - Last synced at: 2 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

hupe1980/scan4log4shell

Scanner to send specially crafted requests and catch callbacks of systems that are impacted by log4j log4shell vulnerability and to detect vulnerable log4j versions on your local file-system

Language: Go - Size: 3.23 MB - Last synced at: 8 days ago - Pushed at: about 3 years ago - Stars: 12 - Forks: 3

devploit/XORpass

Encoder to bypass WAF filters using XOR operations.

Language: Python - Size: 22.5 KB - Last synced at: 5 months ago - Pushed at: almost 3 years ago - Stars: 250 - Forks: 43

1337r0j4n/WOW-WSO

WOW WSO Web Shell ( 1337r0j4n's edition )

Language: PHP - Size: 308 KB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 2 - Forks: 0

Zeyad-Azima/WAF_Bypass_Guide

Guide For WAF Bypass Techniques

Size: 12.7 KB - Last synced at: 20 days ago - Pushed at: over 4 years ago - Stars: 25 - Forks: 15

fijimunkii/shodan-waf-bypass

Firewall bypass script based on shodan search results

Language: JavaScript - Size: 4.88 KB - Last synced at: 18 days ago - Pushed at: almost 6 years ago - Stars: 13 - Forks: 6

itssherwin/IPFinder

Finds server IP behind the WAFs or Cloud services

Language: Python - Size: 46.9 KB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 0

papocch10/encode-me

Payload encoder for bypass WAF

Language: Go - Size: 5.86 KB - Last synced at: almost 2 years ago - Pushed at: over 5 years ago - Stars: 14 - Forks: 3

n1ghtf4l1/jubilant-robot-hacker

Collecting flags by evading, poisoning, stealing, and fooling AI/ML.

Language: Jupyter Notebook - Size: 58.8 MB - Last synced at: about 1 year ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

thadriss/Vulnerability_Scanner

This script is a powerful and efficient tool for identifying vulnerabilities in web applications. Its multi-threading, fingerprinting, exploit verification, WAF bypass and logging features make it a valuable addition to any security tester's toolkit.

Language: Python - Size: 12.7 KB - Last synced at: about 1 year ago - Pushed at: about 2 years ago - Stars: 2 - Forks: 0