This tweet reveals a new bypass for Cloudflare's Web Application Firewall (WAF) that allows Cross-Site Scripting (XSS) attacks. The payload used ...October 7, 2025
This tweet discusses a WAF bypass related to a misconfiguration issue. The bypass is characterized as 'Location Owned,' suggesting that the ...October 7, 2025
This tweet shares a link described as useful for bypassing a Web Application Firewall (WAF). The specific type of vulnerability affected or the WAF ve ...October 7, 2025
This blog post discusses a critical vulnerability involving Cross-Site Scripting (XSS) bypasses in the Cloudflare Web Application Firewall (WAF). Clou ...October 6, 2025
This tweet reveals a new Cross-Site Scripting (XSS) bypass technique specifically targeting the Cloudflare Web Application Firewall (WAF). The payload ...October 6, 2025
This post talks about a new bypass for Cloudflare's Web Application Firewall (WAF) specifically targeting Cross-Site Scripting (XSS) vulnerabilit ...October 6, 2025
The tweet discusses an issue commonly encountered when testing for SQL Injection vulnerabilities using automated tools like SQLMap. Sometimes the tool ...October 6, 2025
The tweet is about penetration testing services offered by a specialized team in compliance with SPK regulations, focusing on financial security. The ...October 4, 2025
The tweet talks about completing a bypass of WAF (Web Application Firewall) protections against XSS (Cross-Site Scripting) attacks as well as bypassin ...October 3, 2025
Cloudflare has recently enhanced its Web Application Firewall (WAF) by introducing new security rules to protect against several critical vulnerabilit ...September 30, 2025
This tweet reports a Web Application Firewall (WAF) bypass related to Cross-Site Scripting (XSS) that is cookie based. It states that the combination ...September 29, 2025
This tweet requests advanced methods to bypass Web Application Firewalls (WAF) for exploiting Cross-Site Scripting (XSS) vulnerabilities. The user is ...September 28, 2025
This tweet highlights the challenge that penetration testers and hackers face when dealing with Web Application Firewalls (WAFs). It suggests that hac ...September 26, 2025
This tweet mentions a scenario involving a Web Application Firewall (WAF) and reflected Cross-Site Scripting (XSS) vulnerability. The author indicates ...September 25, 2025
This tweet shows a simple example of bypassing a WAF (Web Application Firewall). Normally, when accessing the '/register' URL, the WAF block ...September 23, 2025
The tweet announces an upcoming presentation by @BRuteLogic at the BugBounty Village, titled "The brute art of bypass." This talk will cover ...September 23, 2025
This tweet promotes the eWPTX certification, which is an advanced web application penetration testing certification. The certification is 100% hands-o ...September 23, 2025
This tweet promotes the eWPTX certification, which is an advanced web application penetration testing certification. The certification is 100% hands-o ...September 23, 2025
The tweet promotes eWPTX, an advanced web application penetration testing certification. It mentions that the 100% hands-on exam covers topics such as ...September 23, 2025
The tweet reflects a common misconception about Web Application Firewall (WAF) bypasses. It highlights that many claimed bypasses are actually not byp ...September 23, 2025
This bypass technique targets WAFs provided by CDN services such as Akamai and Cloudflare. When a website uses a CDN, the traffic passes through the C ...September 23, 2025
This bypass technique targets Cross-Site Scripting (XSS) vulnerabilities and involves the use of multi-character HTML entities. These entities are spe ...September 22, 2025
This tweet discusses a technique to bypass a Web Application Firewall (WAF) by accepting any parameters. The idea is to bypass the WAF's regex ru ...September 21, 2025
The tweet by @xchopath is asking if there is any resource to learn how to bypass the regex rules of a WAF or if the source code is available. However, ...September 21, 2025
This tweet highlights a fascinating case where a security researcher successfully bypassed LG's Web Application Firewall (WAF) using advanced tec ...September 21, 2025
A security researcher named Sarthak discovered a significant Web Application Firewall (WAF) bypass bug that affects multiple major WAF vendors, includ ...September 20, 2025
This tweet is from a user who has discovered two endpoints that are vulnerable to reflected Cross-Site Scripting (XSS) attacks but is struggling to by ...September 20, 2025
This tweet asks about skipping burnout 101, and refers to a strict WAF that can't be bypassed. Burnout here likely metaphorically refers to overc ...September 18, 2025
This tweet describes a scenario where an attacker discovered a vulnerability in the web application firewall (WAF) protecting an Australian Government ...September 17, 2025