The RSC Scanner v2.5 has been released with major updates based on community feedback. One of the critical fixes includes support for multipart/form-data transport, which is crucial for accurate scanning of web vulnerabilities. Most importantly, the release introduces an Auto WAF Bypass Mode enabled by the –bypass option. This mode is designed to automatically attempt evading Web Application Firewalls (WAFs) during security scans, improving the chances of detecting vulnerabilities that were previously hidden behind WAF protections. Although the specific WAF vendors targeted are not mentioned, this feature can benefit bounty hunters and penetration testers by enhancing their scanning capabilities against a range of WAF protections. Users are encouraged to scan their targets again using the new version to ensure no potential bounties are missed due to WAF blocks.
Original tweet: https://twitter.com/javobernardo/status/1998900016770068951