This tweet describes a Web Application Firewall (WAF) bypass technique where the requester changed the HTTP method from GET to POST and used dirty dat ...April 29, 2026
This tweet discusses new security patches released by Progress for multiple vulnerabilities found in their MOVEit WAF and LoadMaster products. These v ...April 29, 2026
This tweet mentions a WAF bypass using the payload "150". However, it does not specify the vendor of the WAF, the exact vulnerability type a ...April 29, 2026
This tweet announces the results of a 48-hour penetration test that uncovered 12 weaknesses in web applications, including critical Insecure Direct Ob ...April 29, 2026
The tweet announces a new open-source project called Ossiqn-Vuln-Framework. This tool is designed for discovering vulnerabilities and includes an inte ...April 29, 2026
Progress Software has addressed critical vulnerabilities in their MOVEit WAF and LoadMaster products. These security flaws could have allowed attacker ...April 29, 2026
The tweet discusses perceptions in the penetration testing and bug hunting community regarding Web Application Firewalls (WAFs). It references an engi ...April 29, 2026
This tweet discusses a bypass for Akamai WAF related to HTML injection vulnerabilities. Akamai WAF is a widely used web application firewall designed ...April 29, 2026
A critical alert has been announced regarding MOVEit WAF involving multi-level remote code execution (RCE) and WAF bypass vulnerabilities. This vulner ...April 29, 2026
Progress Software recently fixed multiple high-severity vulnerabilities in their MOVEit WAF and LoadMaster products. Among these is a critical vulnera ...April 29, 2026
Progress Software has fixed a sneaky WAF bypass vulnerability identified as CVE-2026-21876. This vulnerability allowed attackers to bypass the Web App ...April 28, 2026
Progress Software has fixed a sneaky WAF bypass vulnerability identified by CVE-2026-21876. Although the exact type of vulnerability and payload detai ...April 28, 2026
Recently, Progress has released patches for multiple critical vulnerabilities affecting MOVEit WAF and Progress Kemp LoadMaster. Among these vulnerabi ...April 28, 2026
The tweet highlights a significant security issue involving a combination of broken access control and WAF bypass vulnerabilities found in the same au ...April 28, 2026
Progress Software, a well-known software vendor, has fixed a sneaky Web Application Firewall (WAF) bypass vulnerability identified as CVE-2026-21876. ...April 28, 2026
Progress has released security patches addressing multiple critical vulnerabilities in their MOVEit WAF and LoadMaster products. These vulnerabilities ...April 28, 2026
Progress Software has identified and warned about 5 critical vulnerabilities affecting their MOVEit WAF and ADC products. These vulnerabilities includ ...April 28, 2026
Progress Software has released important security patches for MOVEit WAF and LoadMaster products. The vulnerabilities fixed include multiple command i ...April 28, 2026
The tweet discusses a critical security issue involving a Web Application Firewall (WAF) bypass combined with Remote Code Execution (RCE) vulnerabilit ...April 28, 2026
This tweet mentions a bypass of Cloudflare WAF that is specifically related to XSS (Cross-Site Scripting) vulnerabilities. The user claims to have fou ...April 28, 2026
This tweet highlights that SQL injection (SQLi) vulnerabilities are still relevant and evolving with new methods of exploitation. It mentions advanced ...April 28, 2026
This bypass involves the WAF solver regexes used in the Claude environment. The debugger agent refused to update these regexes because it judged the r ...April 28, 2026
The Progress Kemp LoadMaster has disclosed five high-severity vulnerabilities, including a Web Application Firewall (WAF) bypass and an OS command inj ...April 28, 2026
This tweet discusses the idea of reporting a security issue related to WAF (Web Application Firewall) bypass. The author questions if the issue is alr ...April 28, 2026
This bypass method involves using Shodan, a search engine for internet-connected devices, to find the direct IP address of a target web server. By dir ...April 28, 2026
This tweet talks about how in penetration testing (pentesting), every successful action like finding a recon pattern, exploit path, or a WAF bypass ca ...April 28, 2026
This tweet is promoting a course that will teach how to bypass Web Application Firewalls (WAFs) specifically for Cross-Site Scripting (XSS) vulnerabil ...April 28, 2026