174 Open source projects that are alternatives of or similar to Wafpass

A Terraform module to create AWF WAF Rules for OWASP Top 10 security risks protection.

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Tesla is a gateway service that provides dynamic routing,waf,support spring cloud,gRPC,DUBBO and more.

A sandbox to protect your pwn challenges being pwned in CTF AWD.

Web interface for managing Haproxy, Nginx and Keepalived servers

Sqreen's Application Security Management for the Go language

checksum-reproducible tar archives (utility/library)

Python Remote Administration Tool (RAT)

Remote exploitation framework written in Python

The Waf DotNetPad is a simple and fast code editor that makes fun to program with C# or Visual Basic.

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

Code-Audit-Challenges

SMB Relay Attack Script

🔥 CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.

🎯 Server Side Template Injection Payloads

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

High-performance WAF built on the OpenResty stack

RubberDucky like payloads for DigiSpark Attiny85

Wafid identify and fingerprint Web Application Firewall (WAF) products.

Go-deliver is a payload delivery tool coded in Go.

SSTI Payload Generator

A polyglot payload generator

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

Penetration tests guide based on OWASP including test cases, resources and examples.

🔠 Tool for generation samples based on OpenAPI(fka Swagger) payload/response schema

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Detect and bypass web application firewalls and protection systems

http interceptor to hoomanize cloudflare requests

Headless CMS and Application Framework built with Node.js, React and MongoDB

Fast and lightweight yet another UEFI implementation

Curiefense is a unified, open source platform protecting cloud native applications.

AutoIt HackTool, Shortcuts .lnk Payloads Generator As LNK-KISSER.

A powerful PHP WAF for AWD

Web Application Firewall (WAF) on Kubernetes

ARCANUS is a customized payload generator/handler.

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Exploit Discord's cache system to remote upload payloads on Discord users machines

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

xWAF 3.0 - Free Web Application Firewall, Open-Source.

Multiplatform payload dropper

A botwall for Java web applications

Translator from USB-Rubber-Ducky payloads to a Digispark code.

Python antivirus evasion tool

🔥Open source RASP solution

C++ GUI for TegraRcmSmash (Fusée Gelée exploit for Nintendo Switch)

Collection of quality safety articles. Awesome articles.

Semantic Java API Library for NEM Platform

A Undetectable Payload Generation

MSFvenom Payload Creator (MSFPC)

Curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.

ModSecurity v3 Nginx Connector

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

Hide your payload into .jpg file

An NGINX and ModSecurity based Web Application Firewall for Docker

An Advanced Tool For Complete Apk-Modding In Termux ...

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Metasploit Cheat Sheet 💣

CIDRAM: Classless Inter-Domain Routing Access Manager.