The tweet describes adding custom XOR payloads to sqlmap's boolean_blind.xml file to bypass WAF protection for SQL injection, as an addition to tamper scripts. According to the author, the technique seems to work effectively. Consider writing a blog post detailing the process, including the product (sqlmap), vendor (Universal), type of bypass (SQLi), and the technical implementation of XOR payloads for bypassing WAF protection.
Thanks for sharing! Apart from using tampering scripts, you could also try adding your own custom payloads to bypass WAF. I have added some of my own XOR payloads to sqlmap's boolean_blind.xml file. Seems to work like a charm 😉
— Otterly (@ott3rly) May 28, 2024