Expand description
wafrift-encoding — Payload encoding strategies and header obfuscation.
Transforms attack payloads using various encoding strategies (URL, Unicode, HTML entity, SQL comments, etc.) and applies header-level obfuscation techniques for WAF bypass.
§Examples
Single-pass encoding with one strategy:
use wafrift_encoding::{Strategy, encode};
let payload = "' OR 1=1--";
let url_encoded = encode(payload, Strategy::UrlEncode).unwrap();
assert!(url_encoded.contains("%27")); // single quote
assert!(url_encoded.contains("%20")); // space
assert!(url_encoded.contains("%3D")); // equals
// Same payload, double-encoded — bypasses single-decode WAFs.
let double = encode(payload, Strategy::DoubleUrlEncode).unwrap();
assert!(double.contains("%2527"));Layered encoding for stronger evasion (HTML-entity-encode the Unicode-escaped form):
use wafrift_encoding::{Strategy, encode_layered};
let result = encode_layered(
"<script>",
&[Strategy::UnicodeEncode, Strategy::HtmlEntityEncode],
).unwrap();
assert!(result.contains('&')); // HTML entity encodedRe-exports§
pub use encoding::Strategy;pub use encoding::aggressiveness;pub use encoding::all_strategies;pub use encoding::encode;pub use encoding::encode_layered;pub use encoding::layered_combinations;pub use error::EncodeError;pub use tamper::TamperConfig;pub use tamper::TamperError;pub use tamper::TamperRegistry;pub use tamper::TamperStrategy;pub use tamper::all_tamper_names;pub use tamper::default_registry;pub use tamper::tamper;
Modules§
- auth_
bypass - Auth-bypass header probes (Orange Tsai parser-disagreement class).
- contextual
- encoding
- Payload encoding strategies — transform payloads to bypass WAF keyword detection.
- error
- Error types for wafrift-encoding.
- header
- HTTP header obfuscation for WAF bypass.
- tamper
- Payload tampering strategies — advanced payload transformations beyond basic encoding.
- url_
mutate - URL / query-string payload mutation — opt-in attack surface for
the proxy
--mutate-urlflag and the strategy engine’s URL-aware evade variants.