Search Results for "bypass"
Sort By:
Showing 30 open source projects for "bypass"
View related business solutions-
Build Agents and Models on One PlatformGemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
-
Secure File Transfer for Windows with Cerberus by RedwoodCerberus supports unlimited users and connections on a single IP, with built-in encryption, 2FA, and a browser-based web client — all deployable in under 15 minutes with a 25-day free trial.
-
1
FlareSolverr
Proxy server to bypass Cloudflare protection
FlareSolverr is a proxy server to bypass Cloudflare and DDoS-GUARD protection. FlareSolverr starts a proxy server, and it waits for user requests in an idle state using few resources. When some request arrives, it uses puppeteer with the stealth plugin to create a headless browser (Firefox). It opens the URL with user parameters and waits until the Cloudflare challenge is solved (or timeout). -
2
Payloads All The Things
A list of useful payloads and bypass for Web Application Security
A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques. The API key is a unique identifier that is used to authenticate requests associated with your project. Some developers might hardcode them or leave it on public shares. -
3
GTFOBins
GTFOBins is a curated list of Unix binaries
GTFOBins is a curated catalog of Unix / POSIX system binaries and how they can be misused to bypass restrictions, escalate privileges, exfiltrate data, spawn shells, or otherwise act as “living off the land” tools in a compromised environment. It collects documented techniques for how everyday binaries (e.g. awk, bash, tar, scp) can be abused under constrained conditions. Indexed list of Unix binaries and documented misuse techniques. -
4
mhrv-rs
Rust port of @masterking32's MasterHttpRelayVPN
mhrv-rs is a Rust implementation of the MasterHttpRelayVPN project designed to bypass DPI-based internet censorship and access blocked websites through HTTP relay techniques. The software works by routing traffic through a user-deployed Google Apps Script relay, allowing requests to evade filtering systems while remaining lightweight and inexpensive to operate. The project emphasizes portability and efficiency by rewriting the original implementation in Rust, improving performance and cross-platform deployment possibilities. ... -
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
5
Damn Vulnerable GraphQL Application
Vulnerable implementation of Facebook's GraphQL technology
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security. DVGA has numerous flaws, such as Injections, Code Executions, Bypasses, Denial of Service, and more. See the full list under the Scenarios section. A public Postman collection is also available to replay solutions to the challenges. DVGA supports Beginner and Expert level game modes, which will change the exploitation difficulty. -
6
OpenPGP.js
OpenPGP implementation for JavaScript
This project aims to provide an Open Source OpenPGP library in JavaScript so it can be used on virtually every device. Instead of other implementations that are aimed at using native code, OpenPGP.js is meant to bypass this requirement (i.e. people will not have to install gpg on their machines in order to use the library). The idea is to implement all the needed OpenPGP functionality in a JavaScript library that can be reused in other projects that provide browser extensions or server applications. It should allow you to sign, encrypt, decrypt, and verify any kind of text, in particular e-mails, as well as managing keys. ... -
7
TwitchAdSolutions
This repo aims to provide multiple solutions for blocking Twitch ads
TwitchAdSolutions is an open-source repository that aggregates multiple techniques, scripts, and tools designed to block or bypass advertisements on the Twitch streaming platform. Rather than being a single application, it serves as a curated collection of methods that users can apply depending on their environment, including browser extensions, proxy-based approaches, and custom scripts. The project focuses on maintaining functional workarounds for Twitch’s evolving ad delivery system, which frequently changes to counter ad-blocking solutions. ... -
8
linkedin2username
Generate probable usernames from LinkedIn company employee lists
linkedin2username is an open source OSINT (Open Source Intelligence) tool designed to generate lists of potential usernames by scraping employee information from a company’s LinkedIn page. It logs into LinkedIn using valid user credentials and collects publicly visible employee names associated with a specified organization. Using these names, it automatically generates multiple possible username formats that organizations commonly use for accounts or email addresses. This process helps... -
9
Modlishka
Powerful and flexible HTTP reverse proxy
Modlishka is a powerful and flexible HTTP reverse proxy. It implements an entirely new and interesting approach of handling browser-based HTTP traffic flow, which allows to transparently proxy of multi-domain destination traffic, both TLS and non-TLS, over a single domain, without the requirement of installing any additional certificate on the client. What exactly does this mean? In short, it simply has a lot of potential, that can be used in many use case scenarios. Modlishka was written as... -
Your monitoring isn't a stack. It's a pile. Fix that.Replace Datadog, New Relic, and Sentry without adding three more dashboards.
-
10
BypassHash
This tool downloads an executable and bypasses hash-based virus checks
This tool downloads an executable, ELF (Linux) and PE (Windows), modify metadata to bypasses hash-based virus checks and protect against identification with metadata (like rich headers, timestamps, ...). -
11
PoshC2
C2 framework used to aid red teamers with post-exploitation
...Out-of-the-box PoshC2 comes PowerShell/C# and Python2/Python3 implants with payloads written in PowerShell v2 and v4, C++ and C# source code, a variety of executables, DLLs and raw shellcode in addition to a Python2/Python3 payload. These enable C2 functionality on a wide range of devices and operating systems, including Windows, *nix and OSX. Shellcode containing in-build AMSI bypass and ETW patching for a high success rate and stealth. Auto-generated Apache Rewrite rules for use in a C2 proxy, protecting your C2 infrastructure and maintaining good operational security. Fully encrypted communications, protecting the confidentiality and integrity of the C2 traffic. -
12
Unshackle
Tool to bypass windows and linux passwords from bootable USB
Unshackle is an open-source tool to bypass Windows and Linux user passwords from a bootable USB based on Linux. Open-source tool to bypass windows and Linux passwords from bootable USB. -
13
Udp2raw-tunnel
Turns UDP traffic into encrypted UDP/fakeTCP/ICMP traffic
...ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. In ICMP header mode,udp2raw works like an ICMP tunnel. UDP headers are also supported. In UDP header mode, it behaves just like a normal UDP tunnel, and you can just make use of the other features (such as encryption, anti-replay, or connection stalization). -
14
Slipstream
NAT Slipstreaming allows an attacker to remotely access any TCP/UDP
...It works by abusing the NAT’s Application Level Gateway (ALG) logic and connection tracking, combined with browser capabilities like WebRTC, precise packet fragmentation or boundary control, and packet injection techniques. The attack is able to bypass browser port restrictions by fragmenting or massaging packets so that the “exploit payload” lands in a packet boundary that gets parsed by the NAT/ALG as a legitimate protocol packet (e.g. SIP or H.323). Once successful, the NAT/firewall is deceived into opening a “hole” (port forwarding) back to the internal host, enabling the attacker to connect directly to internal services. -
15
PyExfil
A Python Package for Data Exfiltration
...In my eyes it’s still a messy PoC that needs a lot more work and testing to become stable. The purpose of PyExfil is to set as many exfiltrations, and now also communication, techniques that CAN be used by various threat actors/malware around to bypass various detection and mitigation tools and techniques. You can track changes at the official GitHub page. Putting it simply, it’s meant to be used as a testing tool rather than an actual Red Teaming tool. Although most techniques and methods should be easily ported and compiled to various operating systems, some stable some experimental, the transmission mechanism should be stable on all techniques. ... -
16
Bilibili Helper
Auxiliary tool that can replace the player, push notifications, etc.
...Bilibili (bilibili.com) is an auxiliary tool that can download videos, query the sender of the barrage, and some very useful live broadcast area functions. An auxiliary extension for Bilibili (bilibili.com) which allows users to bypass playback restrictions, replace video players and use shortcuts. Starting from a certain version, Bilibili Assistant uses special technical methods to realize the unlocking function of regional restrictions. It was known to only be able to re-fix the feature via a proxy method, but the cost was prohibitive and we decided not to maintain the feature anymore. ... -
17
cintruder
CIntruder - OCR Bruteforcing Toolkit
Captcha Intruder is an automatic pentesting tool to bypass captchas. -> CIntruder-v0.4 (.zip) -> md5 = 6326ab514e329e4ccd5e1533d5d53967 -> CIntruder-v0.4 (.tar.gz) ->md5 = 2256fccac505064f3b84ee2c43921a68 -------------------------------------------- -
18
WhatWaf?
Detect and bypass web application firewalls and protection systems
WhatWaf is an advanced firewall detection tool who's goal is to give you the idea of "There's a WAF?". WhatWaf works by detecting a firewall on a web application and attempting to detect a bypass (or two) for said firewall, on the specified target. -
19
BlockCheck
Russian ISP blocking type checker
...Its value is strongest for people studying network censorship, ISP filtering behavior, and the technical mechanics of access restriction. Because test results could be affected by circumvention tools, the project warns users not to run it while bypass systems are enabled. -
20
httpshell is an interactive https command exploit to test the perimeter security of your network. This is a customized HTTPS encrypted reverse shell. It illustrates how easy to bypass any perimiter firewall and IPS by simply encrypting the data. To list all connecting clients: sulod -l To interact with existing client sessions: sulod -i <number> by Nelson Maligro
-
21
Vulnerawa stands for vulnerable web application, though I think it should be renamed Vulnerable website. Unlike other vulnerable web apps, this application strives to be close to reality as possible. To know more about Vulnerawa, go here https://www.hackercoolmagazine.com/vulnerawa-vulnerable-web-app-for-practice/ See how to setup Vulnerawa in Wamp server. https://www.hackercoolmagazine.com/how-to-setup-vulnerawa-in-wamp-server/ To see how to set up a web app pen testing lab with...
-
22
MITMf
Framework for Man-In-The-Middle attacks
...The framework contains a built-in SMB, HTTP and DNS server that can be controlled and used by the various plugins, it also contains a modified version of the SSLStrip proxy that allows for HTTP modification and a partial HSTS bypass. As of version 0.9.8, MITMf supports active packet filtering and manipulation (basically what better filters did, only better), allowing users to modify any type of traffic or protocol. The configuration file can be edited on-the-fly while MITMf is running, the changes will be passed down through the framework. -
23
myAuxiliary.rb
msf post-exploitation auxiliary module
This auxiliary module needs [metasploit] framework installed.. This module its a metasploit post-exploitation (after the targets get's exploited) auxiliary script, so we need to exploit a target first in order to use it. Affected platforms: Windows OS (all versions above windows vista) Read my WIKI for further info: https://sourceforge.net/p/myauxiliarymete/wiki/Home/ -
24
Mole
Automatic SQL Injection Exploitation Tool
Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily. The CLI also provides auto-completion on both commands and command arguments, making the user type as less as possible. -
25
AHT (Ashiyane Hack Tools Ver) 1.1
Perl Hacking Tools (BackTrack)
...It is For BackTrack This Script Contains This tools : Local File Disclource (LFD) Checker Scanning the whole netmask and returning IP and MAC BackConnect Tools Proxy Checker Reverse IP Add a User With Admin Access (Windows) Add a User With r00t Access (Unix) Grab Cpanel Users Remote Port Scanning With NetCat SQL Injection Scanner MD5 Hash Cracker (Online) Admin Page Finder Make Uploader With Echo Method (Linux Servers) Service Scanning BruteForce Services With Medusa And Hydra (Backtrack) Test Lfi With php:// Bypass Method Cms Analyzer (Beta Version) Server Scanning With Nmap Remote Command Execution Console Fck Editor Scanner
