Giter Club home page Giter Club logo

fake_sqli_bypass's Introduction

Fake_Sqli_Bypass-自动化Fuzz Sqli/生成tamper

Fake框架的自动化Fuzz WAF/IDS 功能

觉得使用还可以请点一个star让我体会一下工具也有人用的感觉

太久没写代码了,写的好丑hhhhhhhhh
其实这个功能点的开发并没有我想的这么简单,但是又非常的有意思,于是决定给他独立出来单独当一个功能,当然并不会在框架上分离出来. 至于后续的更新可能需要看情况以及有没有人使用,所以也没有一下子把功能写的非常完整,规则也是非常的简陋,直接采用网上现成的结果稍做修改。
规则也是非常的简陋,直接采用网上现成的结果稍做修改。
后续可能会依次更新规则库里面的规则,让它变得灵活化,人性化。
关于tamper的生成也比较简陋,但也还勉强能用
规则库后期采用WAF/IDS指纹对比,对应使用规则库,毕竟不同的waf拦截方式也是不同的,一个思路可能在这个waf上行不通在另外一个waf上可以绕过,正所谓术业有专攻,指定的waf有指定的payload,对于通用的还是很少的。
前期脚本只是放出来给大家娱乐娱乐,毕竟没有什么特别好用的操作

Author:思缘

Team : 08Sec安全团队 @校长办公室

使用方法

具体配置请修改config/settings.py
有些配置还没有写,只是摆设

git clone https://github.com/RandomSiYuan/Fake_Sqli_Bypass.git
cd Fake_Sqli_Bypass
python3 main.py

已更新

Fake_Sqli_Bypass v0.1

1.Fuzz 规则库更新
2.tamper生成

Fake_Sqli_Bypass v0.1.5

1.Fuzz 规则库更新

预计更新

Fake_Sqli_Bypass v0.2

1.Fuzz 规则库更新
2.porxy 代理池
3.WAF识别 对应WAF选择规则库

fake_sqli_bypass's People

Contributors

randomsiyuan avatar

Stargazers

avatar TcherBer avatar Jangfe avatar avatar kych1n avatar anday avatar Deep avatar Michael avatar avatar eternaltree avatar Mrkaixin avatar avatar avatar G0mini avatar Isabellae avatar avatar R4ph4e1 avatar avatar lambdaz avatar avatar avatar avatar avatar avatar avatar 于晓c avatar avatar avatar avatar avatar burn avatar loecho avatar Ra66it avatar huahua avatar avatar avatar ayayaya avatar Laowang avatar Y4er avatar Funny-Qing avatar avatar Pa55w0rd avatar avatar aa506 avatar avatar avatar raul17 avatar Lucky East avatar avatar avatar daybreak avatar Allard avatar fishmumu avatar avatar avatar python_study avatar Quinn Yan avatar avatar Sud0h4c avatar avatar 浮萍 avatar Tomas Brunken avatar avatar avatar muuk avatar avatar B0y1n4o4 avatar Lz1y avatar avatar avatar hvvva avatar r00tuser avatar avatar avatar JickMasicro avatar Faritor avatar 是爪巴不是八爪 avatar avatar avatar avatar Bowu avatar avatar 九世 avatar 三米前有蕉皮 avatar avatar

Watchers

James Cloos avatar avatar avatar Michael Kane avatar fishmumu avatar Bowu avatar avatar avatar

Forkers

crackercat shuxiaa harry1080 toygang uunoob blockchainguard f4cky0u m-star-coder

fake_sqli_bypass's Issues

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.