EvilWAF is an advanced transparent MITM (man-in-the-middle) proxy tool designed to bypass Web Application Firewalls (WAFs) and to detect common WAF products. It supports various techniques for performing comprehensive security assessments of web applications protected by WAFs. EvilWAF operates as a transparent proxy between the attacker and the target server, intercepting and modifying requests and responses to evade WAF protection mechanisms. Security researchers and penetration testers use it to identify weaknesses in WAF defenses by applying multiple bypass techniques. It can work against WAFs from many different vendors, which makes it a versatile option for security assessments. Its main benefits are its MITM proxy capabilities, its support for multiple bypass techniques, and its ability to detect and analyze different WAF products during testing. This makes EvilWAF a valuable resource for ethical hackers and security professionals who aim to strengthen web application security by understanding how WAF protections are bypassed.
EvilWAF is an advanced transparent MITM proxy designed for WAF bypass and for detecting common Web Application Firewalls (WAFs). It supports multiple techniques for comprehensive security assessment. https://t.co/ySDflh0MZu
— Alex Nguyen (@AlexNguyen65) March 7, 2026