https://github.com/wafpassproject/wafpass

Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.
https://github.com/wafpassproject/wafpass

analysing-parameters bypass-methods payload waf web-application-firewall

Last synced: 3 months ago
JSON representation

Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

• Host: GitHub
• URL: https://github.com/wafpassproject/wafpass
• Owner: wafpassproject
• License: mit
• Created: 2017-02-10T22:03:30.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2023-10-16T07:27:52.000Z (about 1 year ago)
• Last Synced: 2024-05-30T08:37:10.817Z (5 months ago)
• Topics: analysing-parameters, bypass-methods, payload, waf, web-application-firewall
• Language: Python
• Size: 39.1 KB
• Stars: 206
• Watchers: 19
• Forks: 75
• Open Issues: 2
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-hacking-lists - wafpassproject/wafpass - Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF. (Python)

README

        
# WAFPASS

                                                                

                            ██╗    ██╗ █████╗ ███████╗██████╗  █████╗ ███████╗███████╗

                            ██║    ██║██╔══██╗██╔════╝██╔══██╗██╔══██╗██╔════╝██╔════╝

                            ██║ █╗ ██║███████║█████╗  ██████╔╝███████║███████╗███████╗

                            ██║███╗██║██╔══██║██╔══╝  ██╔═══╝ ██╔══██║╚════██║╚════██║

                            ╚███╔███╔╝██║  ██║██║     ██║     ██║  ██║███████║███████║

                             ╚══╝╚══╝ ╚═╝  ╚═╝╚═╝     ╚═╝     ╚═╝  ╚═╝╚══════╝╚══════╝

                         

                                WAFPASS - Copyright (c) 2017 Hamed Izadi (@hezd). 

        

WAFPASS Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

   Today a great number of website owners around the globe use “Web Application Firewalls” to improve their security. However, these security applications suffer from many deficits such as poor performance, lack of updates, and so forth. Thus, they are hindered from working effectively against everyday attacks that are equipped with cutting edge technological innovations. This vulnerability can cause various issues and even lead to security failures.

   

   WAFPASS’s ultimate goal is to present a solution for promoting security systems like WAF in addition to providing a general overview of the security solutions. 

   

   WAFPASS supports HTTP,HTTPS connections, GET and POST requests and the use of Cookies in order to access pages restricted to authenticated users. Also, an intercepting proxy can be set up.

   

   

## Requirements:

  Python version 3.4.x is required for running this program.

## Disclaimer:

  This tool is only for testing and academic purposes and can only be used where strict consent has been given. Do not use it   for illegal purposes!

## Installation:

  Download WAFPASS by cloning the Git repository:

  

      $ git clone https://github.com/wafpassproject/wafpass.git

## Supported Platforms:

- Linux

- Mac OS X

- Windows

## Usage:

  To get a list of all options and switches use:

  

      $ python3 wafpass.py -h

   

   

   

  You can add your payloads in /payloads/*.csv like this:

  

      payload@description

      

## Support:

WAFPASS is the project of many hours of work and total personal dedication.

Please help us to improve this project.

## Questions?

Contact [me](mailto:[email protected])

## Author

Hamed Izadi 

A Special Thanks To

[Hamed Hosseini](mailto:[email protected]) 

## License

[MIT](./LICENSE)