Skip to content

Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

License

Notifications You must be signed in to change notification settings

hamedeasy/wafpass

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

WAFPASS

                        ██╗    ██╗ █████╗ ███████╗██████╗  █████╗ ███████╗███████╗
                        ██║    ██║██╔══██╗██╔════╝██╔══██╗██╔══██╗██╔════╝██╔════╝
                        ██║ █╗ ██║███████║█████╗  ██████╔╝███████║███████╗███████╗
                        ██║███╗██║██╔══██║██╔══╝  ██╔═══╝ ██╔══██║╚════██║╚════██║
                        ╚███╔███╔╝██║  ██║██║     ██║     ██║  ██║███████║███████║
                         ╚══╝╚══╝ ╚═╝  ╚═╝╚═╝     ╚═╝     ╚═╝  ╚═╝╚══════╝╚══════╝
                     
                            WAFPASS - Copyright (c) 2017 Hamed Izadi (@hezd). 

WAFPASS Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

Today a great number of website owners around the globe use “Web Application Firewalls” to improve their security. However, these security applications suffer from many deficits such as poor performance, lack of updates, and so forth. Thus, they are hindered from working effectively against everyday attacks that are equipped with cutting edge technological innovations. This vulnerability can cause various issues and even lead to security failures.

WAFPASS’s ultimate goal is to present a solution for promoting security systems like WAF in addition to providing a general overview of the security solutions.

Requirements:

Python version 3.4.x is required for running this program.

Disclaimer:

This tool is only for testing and academic purposes and can only be used where strict consent has been given. Do not use it for illegal purposes!

Installation:

Download WAFPASS by cloning the Git repository:

  $ git clone https://github.com/wafpassproject/wafpass.git

Supported Platforms:

Linux
Mac OS X
Windows (experimental)

Usage:

To get a list of all options and switches use:

  $ python3 wafpass.py -h

You can add your payloads in /payloads/payloads.csv like this:

  payload@description

Support:

WAFPASS is the project of many hours of work and total personal dedication.

Questions?

Contact me

A Special Thanks To…

Hamed Hosseini

About

Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%