Skip to content

A WAF Bypass tool assisting in the use of SQLMap Tampers list according to specific WAF vendors.

License

Notifications You must be signed in to change notification settings

e-m3din4/the-nurse

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 

Repository files navigation

             __
            | +|
         ,,,|__|
         $$$ , ,
        $$C    >
       $$$;  _<
   _______/ /_        ___
  |  |__` \~/o\  _,]-]___]----->
  | /  \(  )  )\/.-//
 _( \  )    / \  |
  //| /   ,/   \/
    '/   o \
    /     o \
   /______/\_\
   \   ||   /
    \  ||  /
     \ || /
     / )( \
     |/  \|
     :]  [:
     o|  |o
    /o|  |o\    
    `-'  `-'`

The Nurse

A WAF Bypass SQLMap Tamper Assistant.

This is a Bash script that helps with bypassing Web Application Firewalls (WAFs) using SQLMap tamper options. It provides a list of WAF vendors, prompts the user to select a vendor, and then suggests a set of useful tamper options for SQLMap that have been found to be effective against the selected vendor's WAF.

Usage

To use the script, simply run it in a Bash terminal:

bash

./the-nurse.sh

-The script will present a list of WAF vendors and prompt you to select a vendor. Once you have selected a vendor, the script will suggest a set of useful tamper options for SQLMap that can help bypass that vendor's WAF.

-The script will output the SQLMap command with the selected options, which you can then copy and paste into your terminal to execute the injection.

Dependencies

This script requires the following dependencies:

Bash (version 4 or later) SQLMap (version 1.0 or later)

Make sure that these dependencies are installed and available in your $PATH before running the script.

Disclaimer

This script is for educational purposes only. It is intended to help security researchers and penetration testers understand the limitations of WAFs and to help them test the effectiveness of their bypass techniques. Do not use this script for any illegal activities. The author of this script is not responsible for any damage or harm caused by its use.

About

A WAF Bypass tool assisting in the use of SQLMap Tampers list according to specific WAF vendors.

Topics

Resources

License

Stars

Watchers

Forks

Languages