The tweet mentions the use of the –eval option for bypassing SQLi vulnerabilities that require complex WAF bypass payloads. It highlights the effectiveness of the –eval option in retrieving database names without the need for custom Python scripts. The tweet suggests that the –eval option has been a game-changer in simplifying the process of bypassing WAF protections for SQLi vulnerabilities.
For more details, check out the original tweet here: https://twitter.com/oualilweb/status/1881283424478020084