Undetectable Windows Payload Generation
persistence kali payloads bypass antivirus uac meter msfconsole metasploit powershell netsec undetectableWhatWaf is an advanced firewall detection tool who's goal is to give you the idea of "There's a WAF?". WhatWaf works by detecting a firewall on a web application, and attempting to detect a bypass (or two) for said firewall, on the specified target.
firewall detection waf web-application fingerprinting bypass web-application-firewall web-application-firewall-bypassingSpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader/dropper generator for Meterpreter, Empire, Koadic etc. SpookFlare has obfuscation, encoding, run-time code compilation and character substitution features. So you can bypass the countermeasures of the target systems like a boss until they "learn" the technique and behavior of SpookFlare payloads. Special thanks to the following projects and contributors.
av-bypass loader dropper av-evasion endpoint-bypass antivirus-evasion antivirus-testing obfuscation bypassGTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions. Browse the project here.
post-exploitation unix bypass gtfobins binaries reverse-shell bind-shell exfiltration redteam blueteamThere are several more steps to put this prototype on production. Ping me for paid technical supports.
captcha-solving tensorflow deep-learning cnn captcha captcha-tensorflow bypassThe (E)Lephant is a project i have started about two years ago that holds the sole purpose of helping users to help users with rapidshare automatic downloading support, or any other share host for that matter! It automatically downloads from rapidshare with much more to it!
automation bypass download-manager downloader megaupload rapidshareA tiny application designed for downloading files available at the most popular file hosting servers. Don't click - queue it.
aforge bypass captcha dddBypass the require cache when requiring a module – works with both node and browserify.Where module is the name of the module you're requiring, as you would normally pass to require. require should be your file's local require function.
browserify node require resolve cache bypass clear ignore freshAuthenticate against a MySQL server without knowing the cleartext password. This PoC shows how it is possible to authenticate against a MySQL server under certain circumstances without knowing the cleartext password when the Secure Password Authentication authentication plugin (aka mysql_native_password, the default method) is used.
mysql sha1 authentication password bypass sniffer attacker pocA Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques. This extension has been developed by Soroush Dalili (@irsdl) from NCC Group. The initial release (v0.1) only supports the Encoding capability that can be quite complicated to be performed manually. See the references for more details.
waf bypass burpsuite burpsuite-extenderSee the sample for more. Image loading can be done via the ImageGetter interface. Libraries exist for Picasso and Glide.
bypass android markdown renderingSee the sample project for a comprehensive example.
picasso bypass markdown androidλ³Έ λ¬Έμλ κ΅λ΄ ISP μ ν΄ μ¬μ΄νΈ νν°λ§μ μ·¨μ½μ μ κ°λ΅νκ² μ€λͺ ν΄λμ λ¬Έμμ΄λ©°, μ΄ λ¬Έμμ λ΄μ©μ μ μ©ν μμλ λ²μ λ¬Έμ κ° λ°μν μ μμΌλ©°, κ·Έλ‘ λ°μν μ¬κ³ μ λν΄μ μμ±μλ μ λ μ± μμ§μ§ μμ΅λλ€. νκ΅μμ μλλ₯Ό μννλ warning.or.krμ νΌνλ λ°©λ²κ³Ό Node.js κΈ°λ° μ½λλ₯Ό ν¬ν¨νκ³ μμ΅λλ€.
bypass nodejs security koreaA Node.js package to bypass WAF anti-bot JS challenges. Humanoid is a Node.js package to solve and bypass CloudFlare (and hopefully in the future - other WAFs' as well) JavaScript anti-bot challenges. While anti-bot pages are solvable via headless browsers, they are pretty heavy and are usually considered over the top for scraping. Humanoid can solve these challenges using the Node.js runtime and present the protected HTML page. The session cookies can also be delegated to other bots to continue scraping causing them to avoid the JS challenges altogether.
bot anti-bot anti-bot-page bypass humanoid bypass-waf scrape scraping web-scraping waf cloudflare protected-pages captchaPRISM-AP is an automated Wireless RogueAP MITM attack framework. This script is distributed "as is" and no support will be provided in it's current state (not intended for beginners).
wireless pentesting pentest framework kali security automated mitm mana karma hsts bypass intercept tool tools 802-1xA python script designed to grab the original URL.
adfly bypass shorten-urls python-scriptNotice: If you are worry about WAF drop the connection, you have better not use -thread option.
bypass-wafs ssl-ciphersuites-check bypass web-application-firewall-bypassingA precondition for RIPv6 is an existing gateway that carries out the routing of the IPv6 network. The specific address range and this gateway are currently defined in the script itself in the Variables section. This section can also be used to define the time value for the rotation of IP addresses. In a later version these values can also be defined using parameters. IP addresses in the network range are randomly generated by the GenerateAddress() function, which currently generates addresses for a /64 subnet. Support for /48 networks is planned. The original function itself comes from Vladislav V. Prodan, although I have modified and shortened it for my own purposes.
ipv6 ipv6-address randomization vulnerability-scanners penetration-testing bypass evasion bypassing firewall-traversal
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.