Pentest Tools

Published on May 2nd, 2015 📆 | 7836 Views ⚑


Payload Mask v1.0 – Payload Generator for Bypass WAF

Payload Mask is an open source tool to generate payload list to try bypass Web Application Firewall, you can use a big list of encodes and techniques to convert your payload list. Payload Mask is licensed under GPLv3.


  • Need ”GCC” and ”make”
  • Current version tested only Unix Like systems(Linux, MacOS and *BSD).

[adsense size='1']


You can use comments to bypass WAF: id=-15 /*!UNION*//*!SELECT*/ 0,1,2,3...

You can also change the Case of the Command: id=-15 UnIoN sELecT 0,1,2,3...

You can combine methods: id=-15 /*!uNIOn*//*!sElECt*/ 0,1,2,3.


More Information:

Tagged with:

Comments are closed.