WAF bypass by Zafran_io The Zafran Research Team has uncovered a critical misconfiguration in popular web application firewall (WAF) services includin ... December 4, 2024
WAF bypass by ctbbpodcast Embedding payloads in credentials is an effective way to bypass WAF detection. When credentials are included in URLs, they are ... December 4, 2024
WAF bypass by BenSeri87 20% of Fortune1000 companies fail to properly configure their CDN-WAF solutions, leading to a widespread WAF bypass that can a ... December 4, 2024
WAF bypass by ruben_v_pina A bypass has been discovered for Amazon Cloudfront WAF using the %ff%00%ff sequence. This sequence terminates the string and s ... December 4, 2024
WAF bypass by RodoAssis The tweet mentions the importance of including a link to online test pages to demonstrate that a WAF bypass works. It highligh ... December 2, 2024
WAF bypass by MiniMjStar – December 2, 2024 The tweet mentions a bypass using the payload 'exercises but brute gym' for CDN WAFs like Akamai. This bypass seems ... December 2, 2024
WAF bypass by MiniMjStar – December 2, 2024 It seems like @RodoAssis is interested in famous CDN WAF tests and payloads for bypassing whitelist/blacklist. Let's expl ... December 2, 2024
WAF bypass by testtriage21277 A new Cloudflare WAF bypass for XSS has been discovered by xss0r. The payload used is <details open ontoggle=alert(document ... December 1, 2024
WAF bypass by PwnlabMe This tweet provides a Nuclei template that can be used for SSRF scanning and WAF bypass. The template can be utilized for secu ... December 1, 2024
WAF bypass by kCXYAks2BMZcpOi A new Cloudflare WAF bypass for XSS has been discovered by xss0r. The bypass payload is <details open ontoggle=alert(do ... November 29, 2024
WAF bypass by kCXYAks2BMZcpOi A new XSS bypass for Cloudflare WAF has been discovered by xss0r. The payload used is <details open ontoggle=alert(document ... November 29, 2024
WAF bypass by BRuteLogic The tweet mentions tricks to obfuscate alert, confirm, and prompt dialogs in order to bypass a filter or WAF for XSS attacks. ... November 28, 2024
WAF bypass by Dghost_Ninja This tweet mentions a common scenario where someone is looking for a way to bypass a Web Application Firewall (WAF) or the 403 ... November 27, 2024
WAF bypass by xss0r A new XSS WAF bypass for Cloudflare has been discovered by xss0r. The payload used for bypass is <details open ontoggle ... November 27, 2024
WAF bypass by zhero___ An interesting discovery has been made in a widely used framework that allows manipulation of the router to bypass specific fi ... November 27, 2024
WAF bypass by ksg93rd Two JavaScript payloads for bypassing WAF in URL context have been discovered. The first payload is "<Svg/OnLoad=alert ... November 27, 2024
WAF bypass by Mr_Sh0wan This XSS bypass payload utilizes the JavaScript import function to execute an alert(origin) function. The use of Unicode encod ... November 26, 2024
WAF bypass by d0znpp ChatGPT has been used to test the effectiveness of bypassing the top 3 WAF vendors. The payload used in this test is 'How ... November 25, 2024
WAF bypass by akaclandestine A Burp extension has been developed to evade TLS fingerprinting, allowing users to bypass WAF and spoof any browser. This tool ... November 25, 2024
WAF bypass by epiro_8 A blogpost about bypassing AWS WAF using XSS payload <script>alert('WAF Bypassed')</script> has been cre ... November 24, 2024
WAF bypass by Jarvis0p1 The tweet mentions learning cool techniques of WAF Bypass from @3nc0d3dGuY and @assetnote while retesting on HackerOne. It sho ... November 23, 2024
WAF bypass by eagle_0408 The tweet does not provide specific information about the WAF bypass techniques used. It is important to have more details abo ... November 23, 2024
WAF bypass by Commanak46 The tweet discusses an error-based SQL Injection WAF bypass by @c0nqr0r. The bypass payload used is Error-based SQL Injection. ... November 22, 2024
WAF bypass by yassir_wahid The tweet mentions hunting bugs using error-based SQL injection (SQLi) to bypass a Web Application Firewall (WAF) without auto ... November 22, 2024
WAF bypass by reverseame A blog post should be made about this bypass as it highlights a vulnerability in file upload validation through Multipart Pars ... November 22, 2024
WAF bypass by coffinxp7 – November 22, 2024 A new SSRF vulnerability has been discovered in Cloudflare's rocketloader nuclei template. This vulnerability can be expl ... November 22, 2024
WAF bypass by viehgroup This tweet describes an XSS bypass for CloudFlare WAF using the payload JavaScript:"<Svg/OnLoad=alert%25%0A26lpar;1)&g ... November 21, 2024
WAF bypass by XssPayloads Two payloads for bypassing WAF in URL context have been shared by @BRuteLogic. The payloads are designed for XSS attacks. The ... November 21, 2024
WAF bypass by RoxyhunkPush The tweet suggests that bypassing a WAF (Web Application Firewall) without the Origin IP is fun and often easy. It mentions th ... November 21, 2024
WAF bypass by Joyerz5 A tweet suggesting to find the Origin IP as a potential WAF bypass technique. This technique aims to identify the real IP addr ... November 21, 2024