The author does not hold any responsibility about the bad use of this script, remember that attacking targets without prior concent its ilegal and punish by law, this script was build to show how resource files can automate tasks.
WAF_Bypass_Helper is a Python script for generating bypass A web application firewall (or WAF).
Support type of attack:
+ SQLi (Sql Injection)
+ XSS (Cross Site Scripting)
+ ldapi (LDAPI allows LDAP connections to run over IPC connections)
+ pathtr (xpath Injection)
+ xxe (External Entity) xml cheat sheet.
– Mysql, SQL and Oracle.
+ Python 2.7.x
– Can work this get and post request
-+- Standart proxy: 127.0.0.1 8080 (test on burp)
– If you select output to a file, two files will be created. A file containing only the found mutations and a file containing the order of creating these mutations
git clone https://github.com/SndVul/WAF_Bypass_Helper && cd WAF_Bypass_Helper
python main.py -h