bypasswaf
Header injector
An extension that automatically adds headers to Burp requests to bypass certain Web Application Firewall products.
Add headers to all Burp requests to bypass some WAF products
330 stars
38 watching
109 forks
Language: Java
last commit: almost 7 years ago Related projects:
| Repository | Description | Stars |
|---|---|---|
 julianjm/waf_bypadd | A tool designed to bypass WAFs by padding HTTP requests with dummy data to evade detection and analysis. | 4 |
 nccgroup/burpsuitehttpsmuggler | A tool to bypass web application firewalls (WAFs) and test their effectiveness | 709 |
| codewatchorg/burp-indicatorsofvulnerability | A Burp extension that scans application traffic for signs of vulnerabilities and potential attack targets | 41 |
| codewatchorg/burp-anonymouscloud | An extension that scans cloud storage services for vulnerabilities and identifies publicly accessible resources. | 41 |
| codewatchorg/burp-yara-rules | Provides Yara rules to identify malicious software in web applications | 44 |
| nccgroup/jwt-reauth | An extension for the Burp Suite web security testing tool that caches authentication tokens and injects them into subsequent requests. | 100 |
 boku7/injectetwbypass | Tool to bypass ETW (Event Tracing for Windows) security measure in remote processes by injecting a custom syscall | 277 |
 portswigger/collaborator-everywhere | An extension for Burp Suite Pro that injects non-invasive headers to reveal backend systems by causing pingbacks. | 425 |
 corazawaf/coraza-proxy-wasm | A Web Application Firewall built on top of Coraza and implementing the proxy-wasm ABI | 115 |
 anof-cyber/pycript | A tool for bypassing client-side encryption in web applications during penetration testing and bug bounty activities | 186 |
 hrbrmstr/cfhttr | A package that bypasses Cloudflare's anti-DDoS protection scheme by simulating the JavaScript challenge required to access some files | 9 |
 octoberfest7/eventvieweruac_bof | A tool that bypasses UAC restrictions on Windows by deserializing and executing malicious code in Event Viewer. | 128 |
 yg-ht/burp-lookoverthere | A Burp Suite extension to enhance scanning by injecting HTTP redirects into responses from specific APIs. | 0 |
 vincentcox/bypass-firewalls-by-dns-history | Automatically identifies potential bypass points around web application firewalls (WAFs) by analyzing DNS history records and HTTP responses. | 1,197 |
 hack2fun/bypassav | A tool for generating obfuscated executable files to evade antivirus detection | 899 |