#
waf
Here are 240 public repositories matching this topic...
tealord
commented
Jan 29, 2019
Since maxmind no longer provides the legacy GeoIP databases could it might be possible to update the nxtool to use GeoIP2?
rubyFeedback
commented
Apr 23, 2019
Hello.
I am currently learning sinatra and am slowly progressing.
Oddly enough I had most progress so far thanks to various videos (I'll not link in
these videos so as to avoid "advertising" for any, but you can definitely find
sinatra videos when you are looking for them).
There is another "logical" step that will come past sinatra - which is to use padrino.
At the least to me this is
My simple Swiss Army knife for http/https troubleshooting and profiling.
waf
http-requests
nmap
testing-tools
redirect-urls
debugging-tools
security-tools
ssllabs-scan
nmap-scripts
swissarmyknife
mozilla-observatory
testssl
httptracer
https-troubleshoting
sublist3r
-
Updated
Jul 2, 2020 - Shell
awesome
firewall
waf
awesome-list
web-application-firewall
bypass-wafs
waf-test
waf-detection
waf-bypass
-
Updated
Jan 3, 2020 - Python
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
-
Updated
Jun 21, 2020 - Python
Detect and bypass web application firewalls and protection systems
firewall
detection
waf
web-application
fingerprinting
bypass
web-application-firewall
web-application-firewall-bypassing
-
Updated
Mar 4, 2020 - Python
Collection of quality safety articles
github
java
dns
security
list
research
web
hacking
waf
xss
bug-bounty
src
pentest
hacker
acknowledgments
fuzz
sec
ruby-programs
xxe
websec
redteam
bounty-hunters
quality-safety-articles
-
Updated
Jun 29, 2020
python3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
python
tools
cdn
detection
waf
fingerprint
python3
identification
scan-tool
pentest
portscan
port-scanning
security-tools
directory-scanning
poc-scanning
website-fingerprint
fingerprint-recognition-error
-
Updated
Jan 2, 2020 - Python
3
akaegi
commented
Jan 23, 2017
In particular I am missing in the docs:
- Section Synopsis: explain what the effect is of calling
waf:exec()in all ofaccess_by_lua,header_filter_by_luaandbody_filter_by_lua. why do you need to callwaf:exec()in each of them? - Section Synopsis: it seems there is an error in
log_by_lua. It seems to me it should rather log there and not call exec, as described by https://github.c
Janusec Application Gateway, Provides Simple, Fast and Secure Application Delivery. JANUSEC应用网关,提供简单、快速、安全的应用交付。
go
golang
security
gateway
waf
xss
reverse-proxy
sql-injection
application-security
web-application-firewall
web-console
web-application-security
web-ssh
application-gateway
load-balance
cc-attack-defense
sensitive-data-leakage
janusec-application-gateway
-
Updated
Jul 3, 2020 - Go
ModSecurity v3 Nginx Connector
-
Updated
Jun 1, 2020 - Perl
Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
-
Updated
May 5, 2019 - Python
Web interface for managing Haproxy, Nginx and Keepalived servers
gui
web
frontend
interface
management
openstack
waf
webui
web-interface
haproxy-configuration
lbs
web-gui
loadbalancer
web-manager
haproxy-servers
haproxy-status
haproxy-gui
haproxy-wi
haproxy-managment
high-availibility
-
Updated
Jul 3, 2020 - JavaScript
-
Updated
Apr 24, 2019 - Java
Web security protection system based on openresty
-
Updated
Mar 20, 2020 - C
A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
-
Updated
May 4, 2019 - Java
TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777
-
Updated
Jun 25, 2020 - Go
-
Updated
Feb 22, 2019
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
jar
waf
pentesting
sqlmap
burpsuite
burp-extensions
hacktool
pentest-tool
hackbar
burpsuite-extender
burpsuite-tools
j2eescan
burp-requests
-
Updated
Jun 21, 2020 - Python
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
python
middleware
proxy
waf
xss
penetration-testing
sql-injection
bypass
hacking-tool
ssrf
security-tools
websecurity
-
Updated
Jan 5, 2020 - Python
-
Updated
Sep 17, 2019 - Python
Improve this page
Add a description, image, and links to the waf topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the waf topic, visit your repo's landing page and select "manage topics."
I want to Configure Modsecurity on Apache2.4 windows sever.
I want to prevent SQLinjection & XSS attacks at server level.