Archive

WAF bypass by Supakiad_Mee

The tweet mentions a Stored XSS vulnerability affecting Microsoft Bing. The tweet indicates that there was no WAF (Web Application Firewall) in place ... August 4, 2024

WAF bypass by ibrahimxss_

The #IBRAHIMXSS Tool has successfully bypassed the Fortinet FortiGate Web Application Firewall (WAF) using an XSS payload. This showcases the tool ... August 4, 2024

WAF bypass by GREENSL31146133

A new XSS vulnerability has been discovered in Cloudflare's WAF. The bypass payload <Img Src=OnXSS OnError=confirm('OPENBUGBOUNTY')& ... August 4, 2024

WAF bypass by it4chis3c

The tweet discusses mastering reflected XSS and uncovering hidden XSS flaws with expert tips and advanced payloads. It also mentions WAF bypass techni ... August 4, 2024

WAF bypass by AbhijeetKumaw10

The tweet mentions mastering Reflected XSS and uncovering hidden XSS flaws with expert tips, advanced payloads, and WAF bypass techniques. This is a s ... August 4, 2024

WAF bypass by ibrahimxss_

A bypass for Fortinet FortiGate's XSS protection has been discovered. The payload used is &lt;details open ontoggle="(()=&gt;alert`i ... August 4, 2024

WAF bypass by iamunixtz

A recent tweet mentions a SQL Injection bypass for Akamai's WAF using LazySql. The tweet hints at bypassing Akamai WAF due to false positives fro ... August 4, 2024

WAF bypass by noob_labs

The tweet is vague and does not provide any specific information about the WAF or bypass technique. It is important to provide more details about the ... August 3, 2024

WAF bypass by Wilson233329930

A new bypass technique for Imperva WAF has been discovered for XSS attacks. The payload used is <script>alert('Bypassed Imperva WAF')& ... August 3, 2024

WAF bypass by LordEn0

The tweet mentions the need for manual bypass when tools are unable to bypass WAF. It emphasizes the importance of manual techniques in such situation ... August 3, 2024

WAF bypass by AyushSonekar4

Cloudflare WAF bypass techniques are commonly sought after in the security community. However, bypassing Cloudflare WAF can be challenging due to its ... August 3, 2024

WAF bypass by DC3VDP

A new XSS vulnerability has been discovered by Lucas Pacavira in web applications, allowing WAF bypass and unauthorized execution of malicious JavaScr ... August 3, 2024

WAF bypass by iamunixtz

A tweet about SQL injection tips mentioned using -v 3 on sqlmap to identify the type of payload blocked by a WAF and then selecting the best tamper to ... August 2, 2024

WAF bypass by MiniMjStar – August 2, 2024

SQLMAP is a popular tool used for SQL injection testing. It automates the process of detecting and exploiting SQL injection vulnerabilities in web app ... August 2, 2024

WAF bypass by Romilpatel1988

A Cloudflare WAF bypass was discovered with the payload 'cloud fare'. The bypass affects Cloudflare WAF and allows malicious traffic to evad ... August 1, 2024

WAF bypass by TurvSec

The tweet mentions the automation of web checks for assessing vulnerabilities like Host Header Injection, Other Header Injections (including WAF bypas ... August 1, 2024

WAF bypass by MerPerigou1

The user attempted a SQL injection attack with the payload '1=1' but the WAF blocked it. It's recommended to try different SQLi payload ... August 1, 2024

WAF bypass by Quantum3x2

A bypass for XSS has been discovered with the payload: &amp;lt;details%0Aopen%0AonToGgle%0A=%0Aabc=(co\u006efirm);abc%28%60xss%60%26%2300000000000 ... August 1, 2024

WAF bypass by MarcBacker13025

The tweet mentions a Stored XSS vulnerability bypassing a Web Application Firewall using a unique method of Characters Limitation Bypass. The tweet do ... August 1, 2024

WAF bypass by neni_db

A tweet mentioning a method to bypass Amazon WAF Captcha with minimal cryptocurrency experience. This could be a potential security vulnerability in t ... July 31, 2024

WAF bypass by godfkwinchester

The tweet mentions a desire for a bypass on the F5 BIG-IP ASM WAF this week to run a payload. Unfortunately, the specific bypass payload is not provid ... July 31, 2024

WAF bypass by Bikashh199719

A SQL Injection bypass was identified in various WAFs using the payloads: - /?s=1 - /?s[]=1 - /?s=[1] - /?s=1\ - /?s=1/' / - /?s=1/!1111'/ T ... July 31, 2024

WAF bypass by XtremeDesigns3

The tweet discusses various queries related to subdomain discovery, hidden endpoints, finding origin IP behind strong security layers, bypassing WAF u ... July 31, 2024

WAF bypass by MatinNouryan

A tweet requesting a payload for XSS to bypass Cloudflare WAF. The provided payload is 'In the returl=javascript'. This payload attempts to ... July 30, 2024

WAF bypass by BSidesCbr

A blogpost will be made about the bypass using Payload Delivery Networks to abuse CDNs to bypass WAF and DDoS protections. The post will include detai ... July 30, 2024

WAF bypass by bl4_ck7

The tweet mentions a bypass for Cloudflare WAF using an XSS payload. The payload used is <img src=x onerror=alert(1)>. This bypass can be used t ... July 30, 2024

WAF bypass by rafsandcoder

There is a new SQL injection (SQLi) bypass method using a 403 error code. This bypass can be used against various WAF vendors. Check out the blogpost ... July 29, 2024

WAF bypass by coffinxp7 – July 29, 2024

The tweet mentions a SQL Injection bypass using XOR and benchmark techniques. It highlights that proxies are not needed in this case, and the bypass i ... July 29, 2024

WAF bypass by RK77248372

A Gross WAF Bypass is a type of bypass that can circumvent Web Application Firewalls (WAFs) using an advanced method. It is a technique that allows ma ... July 28, 2024

WAF bypass by abdellahlamine4

The tweet suggests a potential bypass technique using a URL with special characters to trigger a redirect. This could be useful for bypassing WAFs. It ... July 28, 2024