The tweet mentions a bypass of Cloudflare's WAF using Java dynamic loading features to implement a bypass of JSP webshells. This vulnerability al ...June 18, 2024
The tweet mentions a blog post about SQLi WAF Bypass Techniques using Time-Based Attacks. It is recommended to check the blog post for detailed techni ...June 18, 2024
The tweet mentioned a WAF bypass with the payload 'test1'. The vendor of the WAF is unknown. More details are needed to analyze further.
htt ...June 18, 2024
A WAF bypass for Cross-Site Scripting via Web Cache Poisoning was discovered. This bypass technique can exploit vulnerabilities in the web cache to in ...June 18, 2024
A web cache poisoning to XSS vulnerability was discovered on a bug bounty program. Check out the write-up at the provided link for more details. #bugb ...June 18, 2024
The tweet mentions a XSS vulnerability found in a Turkish clothing brand's website and a WAF bypass method. The details of the bypass method were ...June 18, 2024
The blog post by @ott3rly discusses SQLi WAF Bypass Techniques using Time-Based Attacks. It provides insights and techniques for bypassing WAF protect ...June 18, 2024
A bounty of 70+19 dollars is being offered for a WAF Bypass with Direct Server Access by the Origin IP. This bypass targets all types of vulnerabiliti ...June 16, 2024
The tweet mentions a Cross-site Scripting (XSS) vulnerability that was reported via YesWeHack platform. The specific type of XSS mentioned is Reflecte ...June 15, 2024
The tweet mentions a handy tool to bypass 403 Forbidden responses developed by nomore403. This tool could be used to bypass WAF restrictions and acces ...June 15, 2024
The tweet indicates the user's interest in learning about XSS and bypassing WAF. They mentioned learning HTML, CSS, and planning to learn JS for ...June 14, 2024
A tweet asking how to bypass Cloudflare WAF. To bypass Cloudflare WAF, you can try using advanced techniques like encoding, obfuscation, or evasion ta ...June 14, 2024
The tweet highlights the common use of bypass techniques in the red team culture to exploit vulnerabilities. It emphasizes the importance of having pr ...June 14, 2024
Two individuals successfully bypassed a normal WAF for exploiting XSS using unicode and bypassed Kaspersky EDR for dumping lsass. Both incidents highl ...June 14, 2024
The tweet mentions a presentation on bypassing WAFs focusing on filter collisions. This could be a potential XSS bypass technique. No specific vendor ...June 14, 2024
A WAF bypass was discovered by appending "%2f" to URLs to bypass file extension rules. The rules were converted to regex path rules to mitig ...June 14, 2024
This tweet mentions a SQL Injection WAF bypass specifically for Ghauri WAF that blocks data extraction. The bypass payload used seems to be effective ...June 13, 2024
The tweet mentions a successful bypass of the Berlin WAF using a payload for R-XSS vulnerability. The payload used is "><?/script&a ...June 13, 2024
The tweet suggests there is a method to bypass multiple WAFs including Cloudflare, Incapsula, and Sucuri. It would be advisable to investigate further ...June 13, 2024
Cleveland Ohio has recently fallen victim to a cyberattack, highlighting the need for robust WAF solutions. The popular Akamai WAF in use seems to hav ...June 13, 2024
This tweet implies a universal WAF bypass where the type of domain (origin IP or WAF) does not matter as long as the bypass is successful. This highli ...June 13, 2024
A SQL injection bypass was discovered in Portswigger Lab's WAF using XML encoding. The tweet describes a payload crafted to bypass the WAF's ...June 12, 2024
Bypassing WAF through a large number of characters can be an effective technique for various vulnerabilities like XSS, SQLi, RCE, and more. This metho ...June 12, 2024
This tweet is asking about bug bounty programs accepting only WAF bypass vulnerabilities without any other impacts. It raises a question about the sco ...June 12, 2024
The tweet mentions an XSS WAF bypass using the payload 'app.alert(1)' that has been around for days/weeks. It suggests that the individual c ...June 12, 2024
The payload 'benchmark replace of sleep' can be used to bypass various WAFs for SQL injection vulnerabilities. This payload allows an attack ...June 11, 2024
While analyzing a tweet, an injectable point to HTML tags was discovered, but the WAF in place is Akamai. The tweet offers a reward for bypassing the ...June 11, 2024
The tweet suggests that these payloads might be useful for finding another payload to bypass a Web Application Firewall (WAF). It doesn't specify ...June 11, 2024
The tweet mentioned a WAF bypass using the origin IP to evade detection in SQL Injection attacks. This bypass technique could potentially circumvent s ...June 11, 2024