Archive

WAF bypass by thehackerish

The WAF blocks "<whatever" and "%3Cwhatever". How would you bypass it to inject in the context <tr>HERE</tr>? ... February 10, 2022

WAF bypass by WebCoderz

just detected a cool waf bypass using jndi to deliver mirai elf via a base64 encoded string uploaded to github and VirusTotal : https://t.co/4BkRWAFw ... February 9, 2022

WAF bypass by yeswehack

? Have you tried our last Dojo? Some nice WAF bypass to exploit! #BugBounty #YesWeRHackers https://t.co/65ng1k3ZCd ... February 9, 2022

WAF bypass by buaqbot

??Bypass Waf – ?????? https://t.co/h4fwDO2SwK https://t.co/uR6nchpo2m ... February 9, 2022

WAF bypass by buaqbot

??Bypass Waf – ?????? https://t.co/bvMshx1GBg https://t.co/ZkklnURubN ... February 9, 2022

WAF bypass by RiotSecTeam

Basic but good tip I recently used in the real world. Got command injection, couldn't get a shell due to noshell for my user had CF + Lite speed waf s ... February 8, 2022

WAF bypass by buaqbot

??Bypass Waf - ?????? https://t.co/x954yjEwhX https://t.co/wiH6Vj3PRi ... February 8, 2022

SQL injection

WAF bypass SQL injection by steiner254

I recommend for sqlmap bypass waf --level=5 --risk=3 -p 'item1' --tamper=apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,blue ... February 8, 2022

F5

F5 bypass by buaqbot

??Bypass Waf - ?????? https://t.co/09MKsf5brF https://t.co/Uwcnk24AXm ... February 7, 2022

WAF bypass by systemDumb

When testing for command injection, I ran into a WAF blocking pretty much every major Linux command. $() and ${} were blocked. To get around it I en ... February 4, 2022

CloudFlare , XSS

CloudFlare bypass XSS by spyerror

Cloudflare {XSS} «byPass detection» `payload´; later on!? #BugBounty #BugBountyTip #WAF #infosec https://t.co/00PNf1QtCP ... February 4, 2022

CloudFlare

CloudFlare bypass by ARastimeshin

bypass firewall - search for ip real site - vs. Cloudflare or WTF CloudFail :) https://t.co/p8IDWoLJBk ... February 4, 2022

CloudFlare , Imperva , Sucuri

Incapsula bypass by ARastimeshin

Bypass firewalls for web applications Cloudflare, Incapsula, SUCURI https://t.co/QmAiJBY9lC WAFs block malicious requests and protect against (D)DoS ... February 4, 2022

Akamai

Akamai bypass by ClappedRy

Selenium is ass nor does it bypass akamai/bot protection https://t.co/0IbiN3flnk ... February 4, 2022

WAF bypass by Kloudleinc

Today @Kloudleinc's Chief Hacker @riyazwalikar demonstrates how a documented yet little known limitation of #AWS #WAF service can be used to bypass it ... February 3, 2022

SQL injection

WAF bypass SQL injection by ptswarm

? A Tip for SQL Injection WAF Bypass https://t.co/gnUmScvbap ... February 2, 2022

WAF bypass by DragonJAR

Con este script en Python puedes saltar las restricciones por IP’s que se realizan a través de headers HTTP (ya sean por aplicación, algún WAF, e ... February 2, 2022

Akamai , SQL injection

Akamai bypass SQL injection by Honphilemon

Payloads for Akamai WaF bypass SQLi to be added on word list. ... January 31, 2022

Imperva , XSS

Incapsula bypass XSS by r00t98

any xss payload to bypass incapsula waf? #bugbounty #bugbountyhelp ... January 31, 2022

WAF bypass by ___t0___

I made wordlists to find out how you can bypass filters or WAF with encoding : https://t.co/IHxOWdXUX3 #PenTest #BugBounty Enjoy ! ... January 30, 2022

Akamai , SQL injection

Akamai bypass SQL injection by 0Xweb01

any idea about bypass akamai web application firewall using sqlmap #bugbountytips ... January 28, 2022

WAF bypass by buaqbot

Java???????WAF??????? https://t.co/FS7n7tMD8p https://t.co/ra9WwGgAOv ... January 28, 2022

F5

WAF bypass by F5

Cybercriminals are using advanced strategies to bypass traditional security and fraud defenses. How can you stop them? Glad you asked—watch our webi ... January 27, 2022

CloudFlare , RCE

CloudFlare bypass RCE by FreelanceJobRSS

#Apache #Linux cloudflare argo tunnel -- 2: im looking for a server admin who can create a argo cloudflare tunnel and prevent scanners like shodan / c ... January 27, 2022

Imperva

Imperva bypass by grabjt

#ICYMI: @Imperva Threat Research continues to monitor Log4j-related attack volumes and payloads. @Info_Sec_Buzz has the details on our latest analys ... January 25, 2022

CloudFlare

CloudFlare bypass by DECONIC1

beautifulsoup4 is totally useless when it can't even bypass cloudflare. ... January 24, 2022

CloudFlare

CloudFlare bypass by meru_golang

cloudflare bypass ... January 23, 2022

WAF bypass by AcooEdi

LOG4J Java exploit - WAF and patches bypass tricks https://t.co/4uw5z2ayDh via @pulik_io ... January 23, 2022

WAF bypass by theXSSrat

Want to learn more about WAFs? https://t.co/8DsvdI1BEV https://t.co/TqU62rd5Eh ... January 22, 2022

XSS

WAF bypass XSS by SecGus

Has anyone seen a recent litespeed xss waf bypass? ... January 22, 2022