WAFNinja is a tool which contains two functions to attack Web Application Firewalls.

personal computing platform

Hidden parameters discovery suite

SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)

crawls the website and finds broken social media links that can be hijacked

NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications

A simple script just made for self use for bypassing 403

Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487

Proof of concept for DoS exploit

Interactive CLI Web Crawler

Automatic SQL injection and database takeover tool

All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers

SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

MayorSec DNS Enumeration Tool

Automatically brute force all services running on a target.

Check your WAF before an attacker does

HTTP parameter discovery suite.

A quick and dirty HTTP/S "organic" traffic generator.

The IoT security toolkit to help identify IoT related dashboards and scan them for default passwords and vulnerabilities.

HTTP 403 bypass tool

A rapid HTTP downgrade smuggling scanner written in Go.

An IIS short filename enumeration tool

SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accuracy!

Official Kali Linux tool to check all urls of a domain for SQL injections :)

Burp Plugin to Bypass WAFs through the insertion of Junk Data

🕹 wso php webshell