Vuln Drive 2
SSRF using file_get_contents() and CRLF in ini_set()
basic Header quirks to bypass waf
sqli using column trick in sqlite to get the f ...January 31, 2023
#exploit
Vuln Drive 2:
- SSRF using file_get_contents() and CRLF in ini_set()
- basic Header quirks to bypass waf
- sqli using column trick in sqlite ...January 31, 2023
Did you already know about this incredible SSRF WAF bypass?
@_0x999 shares this cool trick that might just fool a couple of firewalls!
#bugbounty #b ...January 28, 2023
server security fix and prestashop also (like cache/cookie/http header host) https://t.co/6Iofe07yN8 hello someone block us on google ads campaign wit ...January 28, 2023
> A common mistake I see people make when trying to bypass WAFs, or just filters in general for the matter, is they copy and paste generic WAF bypa ...January 27, 2023
Cloudflare says White House Asked Tech Firm to Bypass Iran Censorship, but US Sanctions got in the Way – CNN 1/19/23 https://t.co/4Dk5ptO1XO ...January 25, 2023
All headers which can be used to set your IP? (X-Forwarded-For equivalents). It might bypass WAF and forward your request: ⚔️🛡️
#infosec ...January 23, 2023
Level-up your web app security knowledge? Learn how to bypass Cloudflare WAF and uncover hidden vulnerabilities with this must-read blog post by
@Enc ...January 23, 2023
More than 100's of payloads for SSRF to bypass WAF ⚔️ https://t.co/tf5pEb59CE
#infosec #cybersecuritytips #bugbountytips https://t.co/qaw75jpxm8 ...January 21, 2023
You can bypass a WAF during an XSS attack on ASP(dot)NET-IIS technology by using an HTTP parameter pollution attack
#infosecurity #bugbountytips https ...January 21, 2023
CISA's scanner includes 60 HTTP request headers, DNS callbacks for vulnerability detection & validation, URL lists, WAF bypass, HTTP POST, and JSO ...January 21, 2023
Exposed web admin panel & CDN/WAF Bypass:
> It doesn't matter if you have brute force protection, it won't defend against a low and slow (rotat ...January 21, 2023
Cloudflare says White House asked tech firm to bypass Iran censorship, but US sanctions got in the way | CNN Business https://t.co/QzE0A7Nu47 ...January 21, 2023
CVE-2023-24021 In ModSecurity before 2.9.7, FILES_TMP_CONTENT sometimes lacked the complete content. This can lead to a Web Application Firewall bypas ...January 20, 2023