WhatWaf
Web firewall scanner
A tool for detecting and bypassing web application firewalls to gain unauthorized access.
Detect and bypass web application firewalls and protection systems
3k stars
75 watching
449 forks
Language: Python
last commit: 3 months ago
Linked from 1 awesome list
bypassdetectionfingerprintingfirewallwafweb-applicationweb-application-firewallweb-application-firewall-bypassing
enaqx/awesome-pentestRelated projects:
| Repository | Description | Stars |
|---|---|---|
 enablesecurity/wafw00f | A tool to identify and fingerprint Web Application Firewalls. | 5,296 |
 globaldatanet/aws-firewall-factory | A tool to simplify the deployment and management of AWS Web Application Firewalls (WAFs) in cloud-based applications. | 235 |
 faizann24/fwaf-machine-learning-driven-web-application-firewall | An application designed to detect and prevent malicious queries on web applications using machine learning algorithms. | 423 |
 bunkerity/bunkerweb | A next-generation web application firewall that integrates with various environments to provide out-of-the-box security for web services. | 6,540 |
 aws-solutions/aws-waf-security-automations | Automates deployment of AWS WAF security rules to protect against common web-based attacks | 857 |
 neuralegion/wafalyzer | A utility that analyzes HTTP responses to detect the presence of firewalls in web applications. | 34 |
 corazawaf/coraza-proxy-wasm | A Web Application Firewall built on top of Coraza and implementing the proxy-wasm ABI | 115 |
 andresriancho/w3af | A tool to identify and exploit vulnerabilities in web applications. | 4,580 |
| corazawaf/coraza | Protects web applications from common attacks by filtering incoming HTTP requests and blocking malicious traffic. | 2,258 |
 wallarm/gotestwaf | A tool to assess and evaluate API security solutions by generating malicious requests and simulating attacks on web applications. | 1,557 |
 vincentcox/bypass-firewalls-by-dns-history | Automatically identifies potential bypass points around web application firewalls (WAFs) by analyzing DNS history records and HTTP responses. | 1,197 |
 xmendez/wfuzz | A tool to automatically generate and test web application inputs for security vulnerabilities | 5,967 |
 julianjm/waf_bypadd | A tool designed to bypass WAFs by padding HTTP requests with dummy data to evade detection and analysis. | 4 |
 owasp/nettacker | Automated tool for identifying vulnerabilities and gathering information about network services and systems. | 3,618 |
 owtf/owtf | A tool that enables efficient and targeted vulnerability testing of web applications. | 1,821 |