github-starred/awesome-bugbounty-tools
2
0
Fork 0
mirror of https://github.com/vavkamil/awesome-bugbounty-tools.git synced 2026-04-30 11:18:03 -05:00
Code Issues 20 Packages Projects Releases Wiki Activity

Merge pull request #73 from SecHoussam/main

Browse Source 
adding waf bypassing tools
This commit is contained in:
Kamil Vavra
2026-02-01 12:21:08 +01:00
committed by GitHub
parent 0a7d15cf4a 2c314da5a1
commit 1b5e3557e2
1 changed files with 15 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
README.md
View File

@@ -15,6 +15,7 @@
- [Parameters](#Parameters)
- [Fuzzing](#Fuzzing)
- [Monitoring](#Monitoring)
- [Waf Evasion ](#Waf-Evasion)
- [Exploitation](#Exploitation)
- [Command Injection](#Command-Injection)
@@ -399,7 +400,21 @@
### Web-Cache-Poisoning
- [toxicache](https://github.com/xhzeem/toxicache) - Go scanner to find web cache poisoning vulnerabilities in a list of URLs .
---
### Waf Evasion
- cli :
- [nomore403](https://github.com/devploit/nomore403) - 🚫 Advanced tool for security researchers to bypass 403/40X restrictions .
- [XFFenum](https://github.com/vavkamil/XFFenum) - A simple tool to bypass 403 forbidden end-points behind load balancers (Cloudflare) based on X-Forwarded-For header.
- [Forbidden Buster](https://github.com/Sn1r/Forbidden-Buster) - A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas in the system.
- burpSuite Plugin :
- [nowafpls](https://github.com/assetnote/nowafpls/) - Burp Plugin to Bypass WAFs through the insertion of Junk Data .
---
## Miscellaneous
@@ -539,11 +554,6 @@
- [SSTImap](https://github.com/vladko312/SSTImap) - SSTImap is a penetration testing software that can check websites for Code Injection and Server-Side Template Injection vulnerabilities and exploit them, giving access to the operating system itself.
- [Lonkero](https://github.com/bountyyfi/lonkero) - Enterprise-grade web vulnerability scanner with 60+ attack modules, built in Rust for penetration testing and security assessments.
### Forbidden Bypass
- [XFFenum](https://github.com/vavkamil/XFFenum) - A simple tool to bypass 403 forbidden end-points behind load balancers (Cloudflare) based on X-Forwarded-For header.
- [NoMore403](https://github.com/devploit/nomore403) - Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation.
- [Forbidden Buster](https://github.com/Sn1r/Forbidden-Buster) - A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas in the system.
### Permutation