LogoHackDB
RecentCategoryTagPricingSubmit
Sign In
LogoHackDB
Sign In

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

LogoHackDB

The Ultimate Directory for Offensive Security

Resources
  • Recent
  • Category
  1. Home
  3. Items
  5. EvilWAF
icon of EvilWAF

EvilWAF

EvilWAF is a penetration testing tool designed to detect and bypass common Web Application Firewalls (WAFs).

Visit WebsiteShare on X
image of EvilWAF
Visit Website

Introduction

Back

Information

  • Publisher
    Admin
  • Websitegithub.com
  • Created date10/15/2025
  • Published date10/15/2025

Categories

  • Application Security

Tags

  • Web

More Resources

  • Tag
    • Listing
    • Pricing
    • FAQ
    • Submit
    Pages
    • Home
    • Support
    • Sitemap
    • llms.txt
    Company
    • About Us
    • Privacy Policy
    • Terms of Service
    Copyright © 2026 All Rights Reserved.
    image of PentAGI
    AI SecurityApplication SecurityInfrastructure SecurityReconnaissance
    Visit Website

    PentAGI

    Details

    Autonomous AI agent system for complex penetration testing, integrating security tools, long-term memory, and smart task delegation in sandboxed Docker.

    AIOSINTWebInternalExternal
    image of Intruder
    Infrastructure SecurityApplication SecurityReconnaissanceReporting
    Visit Website

    Intruder

    Details

    Unified exposure management platform for automated vulnerability scanning, attack surface monitoring, and cloud security posture management.

    ExternalInternalCloudAPIWeb+2
    image of NeroSwarm Deception Lab
    Red Team OperationsInfrastructure SecurityReconnaissanceApplication Security
    Visit Website

    NeroSwarm Deception Lab

    Details

    NeroSwarm Deception Lab offers free cyber deception tools including honeytoken creation, honeypot script generation, and IP threat reputation checking.

    OSINTInternalExternal

    EvilWAF - Web Application Firewall Bypass Toolkit

    EvilWAF is an advanced firewall bypass and fingerprinting tool designed to detect and bypass Web Application Firewalls (WAF). It supports multiple evasion techniques for comprehensive security assessment.

    Key Features
    • WAF Fingerprinting: Identify and detect specific WAF solutions
    • Multiple Bypass Techniques:
      • Header Manipulation
      • DNS History Analysis
      • Subdomain Enumeration
      • HTTP Request Smuggling
      • JWT Algorithm Confusion
      • GraphQL Query Batching
      • gRPC/Protobuf Bypass
      • Advanced Protocol Attacks
      • HTTP/2 Stream Multiplexing
      • WebAssembly Memory Corruption
      • SSTI Polyglot Payloads
      • Machine Learning WAF Evasion
      • Cache Poisoning
      • Web cache poisoning
    • Firewall Evasion: Advanced methods to bypass security controls
    • Comprehensive Scanning: Multi-technique approach for maximum effectiveness