h2-waf-bypass
OfficialBypass WAFs via HTTP/2 binary framing exploits.
System Documentation
What problem does it solve?
Standard web application firewalls (WAFs) often block malicious payloads sent over HTTP/1.1, but HTTP/2's binary framing architecture creates blind spots for out-of-process WAFs that evaluate requests before the full request body is received. This Skill enables bypassing these WAF restrictions when standard 403 bypass and parser differential techniques fail, and the target supports HTTP/2.
Core Features & Use Cases
- Automated Proxy + WAF Fingerprinting: Identifies the reverse proxy and WAF architecture in use to select only applicable bypass attacks, avoiding wasted effort on hardened configurations like nginx with libmodsecurity3.
- 6 Distinct HTTP/2 Framing Bypasses: Includes body timing attacks, body size truncation, Extended CONNECT method conversion, path normalization bypasses, JSON content-type gap exploitation, and ForwardAuth body stripping for common proxy/WAF combinations.
- Use Case: Use this Skill during authorized penetration testing when a WAF blocks all HTTP/1.1 payloads but the target supports HTTP/2, and you have exhausted standard path, header, and content-type bypass techniques.
Quick Start
Use the h2-waf-bypass skill to run the full WAF bypass test pipeline against your target host and port to identify exploitable HTTP/2 framing vulnerabilities.
Dependency Matrix
Required Modules
None requiredComponents
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: h2-waf-bypass Download link: https://github.com/dreadnode/capabilities/archive/main.zip#h2-waf-bypass Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.