WAF bypass by bug_vs_me

A tweet indicating interest in collaborating for escalating XSS attacks and bypassing WAF or CSP restrictions. The provided pa ... February 28, 2025

WAF bypass by mmffkkdd

The tweet mentions that by prefixing the SQLi payload with JSON syntax, the WAF can be bypassed. This technique can be effecti ... February 28, 2025

WAF bypass by 0x0_mdshakib

A command injection bypass was discovered that exploits the WAF by using the payload '`cat /et$()c/pa's'swd`� ... February 28, 2025

WAF bypass by JustWantToQ1

The tweet mentions the frustration of not being able to receive proper support for finding a WAF bypass. It highlights the dif ... February 28, 2025

WAF bypass by theXSSrat

This tweet provides a methodology for XSS bug bounty hunting. It includes steps for reconnaissance, identifying injection poin ... February 28, 2025

WAF bypass by tmz900

This tweet mentions a bug fix that didn't entirely fix the XSS vulnerability, leading to a second report. Although it ... February 27, 2025

WAF bypass by 1hehaq

Wafmap is a tool that includes most bypass techniques for automation. It utilizes lambda algorithms to adapt to WAF behavior. ... February 26, 2025

WAF bypass by ridingwithmopz

The tweet mentions a tutorial on bypassing Huawei WAF. The bypass method is not specified in the tweet. Further analysis is ne ... February 26, 2025

WAF bypass by vcantry

An XSS bypass technique was identified using the payload 'onerror=alert;throw 123;' which can bypass various WAFs. T ... February 25, 2025

WAF bypass by MiniMjStar

This tweet describes an XSS WAF bypass using the payload '10006630~!~/[redacted]/a/unix/apps/WAS/FileService/files/[redac ... February 24, 2025

WAF bypass by elmehdimee

The tweet describes a successful bypass of a WAF using a XSS payload. The attacker was unable to bypass the WAF by extracting ... February 23, 2025

WAF bypass by ryancbarnett

The tweet mentions a WAF bypass XSS challenge from 2013 that included MentalJS and Dompurify. It states that despite being a d ... February 21, 2025

WAF bypass by YoyoDavelion

The tweet describes an XSS WAF bypass that escalated to a PII (Personally Identifiable Information) leak and authenticated sen ... February 21, 2025

WAF bypass by OludareEzekiel9

The tweet mentions that it is hard to find XSS vulnerabilities unless you can bypass the Web Application Firewall (WAF). The m ... February 21, 2025

WAF bypass by Barbarossa404

The tweet mentions a custom XSS payload developed for bypassing Akamai and Cloudflare WAFs. The payload targets XSS vulnerabil ... February 21, 2025

WAF bypass by 0xnuy

This method utilizes TOR to rotate IPs during fuzzing, allowing for the bypass of rate limits and avoidance of WAF blocks. It ... February 19, 2025

WAF bypass by m1ru1

The tweet suggests using a commercial WAF for better telemetry and protection at scale. It mentions the use of ModSecurity and ... February 18, 2025

WAF bypass by w0rms3c

The tweet mentions a WAF bypass related to XSS. It includes references to HackerOne, BugCrowd, and nuclei templates. The post ... February 17, 2025

WAF bypass by InfoSecComm

The tweet mentioned a successful bypass of a WAF to uncover a Reflected XSS vulnerability. The WAF vendor is not specified. It ... February 17, 2025

WAF bypass by deemetrics

The tweet mentioned WAF's blocking access. If you encounter a WAF blocking you, it could be due to various vulnerabilitie ... February 16, 2025

WAF bypass by Ahmex000

The tweet by @ZeroDayHunter0 highlights multiple ways to bypass a generic WAF. These include bypassing OTP via brute force wit ... February 16, 2025

WAF bypass by MetinZ25521

Read about SQLi WAF Bypass Techniques using Time-Based Attacks in Ott3rly's Medium post. Learn how to bypass WAF protecti ... February 15, 2025

WAF bypass by MetinZ25521

The tweet refers to a Medium article titled 'SQLi WAF Bypass Techniques Part 2' by Ott3rly. It discusses advanced te ... February 15, 2025

WAF bypass by Jarvis0p1

The tweet mentions using the Assetnote research on WAF bypass by adding junk data before any payload. This technique is known ... February 14, 2025

WAF bypass by bGVnaW9u

The tweet discusses SQLi WAF Bypass Techniques using Time-Based Attacks. The credit goes to Ott3rly. The post provides insight ... February 14, 2025

WAF bypass by RenwaX23

The tweet mentions a cool XSS finding using 2 reflections inside a JS script context to bypass Server-Side Sanitizer, Double q ... February 13, 2025

WAF bypass by w0rms3c

The tweet mentions a free XSS scanner with bypasses and all payloads. It includes links to Discord and Telegram for invitation ... February 12, 2025

WAF bypass by yogsec

Some WAFs may ignore non-standard headers like X-Forwarded-For, X-Originating-IP, and X-Client-IP. Injecting payloads in these ... February 11, 2025

WAF bypass by 0xJin

This tweet describes a Blind SQL Injection WAF bypass technique. By entering the payload ' OR 1337=1337 LIMIT 65535 # in ... February 11, 2025

WAF bypass by SoBatistaCyber

The tweet suggests using Burp Suite Decoder to bypass a WAF. This technique involves manipulating encoding to sneak past defen ... February 11, 2025