WAF bypass by kCXYAks2BMZcpOi A new Cloudflare WAF bypass for XSS has been discovered by xss0r. The bypass payload is <details open ontoggle=alert(do ... November 29, 2024
WAF bypass by kCXYAks2BMZcpOi A new XSS bypass for Cloudflare WAF has been discovered by xss0r. The payload used is <details open ontoggle=alert(document ... November 29, 2024
WAF bypass by BRuteLogic The tweet mentions tricks to obfuscate alert, confirm, and prompt dialogs in order to bypass a filter or WAF for XSS attacks. ... November 28, 2024
WAF bypass by Dghost_Ninja This tweet mentions a common scenario where someone is looking for a way to bypass a Web Application Firewall (WAF) or the 403 ... November 27, 2024
WAF bypass by xss0r A new XSS WAF bypass for Cloudflare has been discovered by xss0r. The payload used for bypass is <details open ontoggle ... November 27, 2024
WAF bypass by zhero___ An interesting discovery has been made in a widely used framework that allows manipulation of the router to bypass specific fi ... November 27, 2024
WAF bypass by ksg93rd Two JavaScript payloads for bypassing WAF in URL context have been discovered. The first payload is "<Svg/OnLoad=alert ... November 27, 2024
WAF bypass by Mr_Sh0wan This XSS bypass payload utilizes the JavaScript import function to execute an alert(origin) function. The use of Unicode encod ... November 26, 2024
WAF bypass by d0znpp ChatGPT has been used to test the effectiveness of bypassing the top 3 WAF vendors. The payload used in this test is 'How ... November 25, 2024
WAF bypass by akaclandestine A Burp extension has been developed to evade TLS fingerprinting, allowing users to bypass WAF and spoof any browser. This tool ... November 25, 2024
WAF bypass by epiro_8 A blogpost about bypassing AWS WAF using XSS payload <script>alert('WAF Bypassed')</script> has been cre ... November 24, 2024
WAF bypass by Jarvis0p1 The tweet mentions learning cool techniques of WAF Bypass from @3nc0d3dGuY and @assetnote while retesting on HackerOne. It sho ... November 23, 2024
WAF bypass by eagle_0408 The tweet does not provide specific information about the WAF bypass techniques used. It is important to have more details abo ... November 23, 2024
WAF bypass by Commanak46 The tweet discusses an error-based SQL Injection WAF bypass by @c0nqr0r. The bypass payload used is Error-based SQL Injection. ... November 22, 2024
WAF bypass by yassir_wahid The tweet mentions hunting bugs using error-based SQL injection (SQLi) to bypass a Web Application Firewall (WAF) without auto ... November 22, 2024
WAF bypass by reverseame A blog post should be made about this bypass as it highlights a vulnerability in file upload validation through Multipart Pars ... November 22, 2024
WAF bypass by coffinxp7 A new SSRF vulnerability has been discovered in Cloudflare's rocketloader nuclei template. This vulnerability can be expl ... November 22, 2024
WAF bypass by viehgroup This tweet describes an XSS bypass for CloudFlare WAF using the payload JavaScript:"<Svg/OnLoad=alert%25%0A26lpar;1)&g ... November 21, 2024
WAF bypass by XssPayloads Two payloads for bypassing WAF in URL context have been shared by @BRuteLogic. The payloads are designed for XSS attacks. The ... November 21, 2024
WAF bypass by RoxyhunkPush The tweet suggests that bypassing a WAF (Web Application Firewall) without the Origin IP is fun and often easy. It mentions th ... November 21, 2024
WAF bypass by Joyerz5 A tweet suggesting to find the Origin IP as a potential WAF bypass technique. This technique aims to identify the real IP addr ... November 21, 2024
WAF bypass by Joyerz5 SQLmap was used to successfully bypass Ghauri WAF in this case by using the Origin Ip. It initially failed but was successful ... November 20, 2024
WAF bypass by BRuteLogic The tweet demonstrates an XSS bypass in URL context using HTMLi, Double Encoding, and Embedded bytes. The payload JavaScript:& ... November 20, 2024
WAF bypass by iqimpz Using character normalization to bypass WAFs is a common and effective technique for various vulnerabilities. This technique i ... November 20, 2024
WAF bypass by arthurair_es A bypass for Imperva WAF was discovered in the context of a Local File Inclusion (LFI) vulnerability. The WAF was blocking the ... November 19, 2024
WAF bypass by MaxiSoler The tweet mentions the use of the SSRF-Hacks-IP-Decimal Burp Suite extension for SSRF bypass attempts and WAF evasion testing. ... November 19, 2024
WAF bypass by MSTRBLSTR_music WAF and LB can introduce attackable surfaces with flaws, including authorization bypass. These flaws are not a panacea for com ... November 18, 2024
WAF bypass by harshad_hacker A new Burp Suite extension called SSRF-Hacks-IP-Decimal has been developed by @harshad_hacker. This extension converts IP addr ... November 18, 2024
WAF bypass by socialmanagercs Cloudflare's security protections were found to be vulnerable to XSS bypasses, allowing malicious users to exploit flaws ... November 16, 2024
WAF bypass by TaurusOmar_ The tweet is promoting SQLMapping with SQLMap Command Generator and Cheat Sheet for exploiting SQL Injections. This tool can b ... November 16, 2024