A Burp Suite plugin by infosec_au has been developed to bypass WAFs by inserting junk data into HTTP requests. This technique was discussed in the NahamCon talk 'Modern WAF Bypass Techniques on Large Attack Surfaces'. The plugin can be used to evade various types of WAFs and may need further testing to understand its impact on different platforms.
For more insights, check out the original tweet here: https://twitter.com/clintgibler/status/1799093987946684808. And don’t forget to follow @clintgibler for more exciting updates in the world of cybersecurity.
Subscribe for the latest news: