Example Usage
# EvilWAF generates a local CA to intercept HTTPS traffic. Trust it once. # Run EvilWAF first — CA is auto-generated at startup # Then find the cert: ls /tmp/evilwaf_ca_*/evilwaf-ca.pem # Linux — trust system-wide sudo cp /tmp/evilwaf_ca_*/evilwaf-ca.pem /usr/local/share/ca-certificates/evilwaf-ca.crt sudo update-ca-certificates # macOS sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain \ /tmp/evilwaf_ca_*/evilwaf-ca.pem # For tools like sqlmap, pass --ignore-proxy=False or equivalent for your tool.
See also
1earn
Free
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup…
365-Stealer
Free
365-Stealer is a phishing simualtion tool written in python3. It can be used to execute Illicit Cons…
Certipy
Open Source
Offensive tool for Active Directory Certificate Services (AD CS) enumeration and abuse. Finds and ex…
cve-search_mcp
Open Source
A Model Context Protocol (MCP) server for querying the CVE-Search API…
GDB with pwndbg
Open Source
Kali
GDB (GNU Debugger) enhanced with pwndbg plugin for exploit development and reverse engineering. Adds…
CVE_Prioritizer
Open Source
Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prior…