bypass

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Bypass Paywalls web browser extension for Chrome and Firefox.

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

有关渗透测试的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Bypass Paywalls for Firefox

Detect and bypass web application firewalls and protection systems

ICMP流量伪装转发工具 ping tunnel is a tool that advertises tcp/udp/socks5 traffic as icmp traffic for forwarding.

Penetration tests guide based on OWASP including test cases, resources and examples.

The goal of this repository is to document the most common techniques to bypass AppLocker.

Undetectable Windows Payload Generation

Miscellaneous exploit code

All about bug bounty (bypasses, payloads, and etc)

Series of System Administration Tools

Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.

A big list of Android Hackerone disclosed reports and other resources.

An Python Script For Generating Payloads that Bypasses All Antivirus so far .

Antivirus evasion project

🔓 Disable SSL verification and pinning on Android, system-wide

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

Handbook of information collection for penetration testing and src

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC

A simple userscript to bypass YouTube's age verification and watch age restricted videos without having to sign in.

bebasid dapat membantu membuka halaman situs web yang diblokir oleh pemerintah Indonesia dengan memanfaatkan hosts file.

discontinued

Crack Interface lockscreen, Metasploit and More Android/IOS Hacking

Filters for blocking pop-ups and anti-adblock bypass.

Bypassing disabled exec functions in PHP (c) CRLF