abuse-ssl-bypass-waf

Helping you find the SSL/TLS Cipher that WAF cannot decrypt and Server can decrypt same time

Referer article Bypassing Web-Application Firewalls by abusing SSL/TLS

Attack idea

Usage

python abuse-ssl-bypass-waf.py -h

Notice: If you are worry about WAF drop the connection, you have better not use -thread option.

Thirdparty

curl

sslcan

Notice: If your operation system is not Windows, you should be modify config.py ，adjust curl and sslscan path & command values.

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
curl		curl
pictures		pictures
sslscan		sslscan
.gitignore		.gitignore
README.md		README.md
abuse-ssl-bypass-waf.py		abuse-ssl-bypass-waf.py
config.py		config.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

curl

curl

pictures

pictures

sslscan

sslscan

.gitignore

.gitignore

README.md

README.md

abuse-ssl-bypass-waf.py

abuse-ssl-bypass-waf.py

config.py

config.py

Repository files navigation

abuse-ssl-bypass-waf

Attack idea

Usage

Thirdparty

Running

About

Releases

Packages

Languages

harry1080/abuse-ssl-bypass-waf

Folders and files

Latest commit

History

Repository files navigation

abuse-ssl-bypass-waf

Attack idea

Usage

Thirdparty

Running

About

Resources

Stars

Watchers

Forks

Languages