The tweet highlights the vulnerability in IDS, IPS, and WAFs due to the design limitations of the PHP query string parser. This bypass technique invol ...May 20, 2024
The tweet discusses exploiting PHP remotely to bypass filters and WAF rules, highlighting the possibilities of executing code remotely. This could pot ...May 20, 2024
The tweet suggests that most bug bounty hunters are not willing to pay for a complete WAF bypass, only for impactful vulnerabilities. This behavior ma ...May 20, 2024
The tweet mentions internal Recon, WAF Bypass, and creating a backdoor. It seems to be discussing a process involving reconnaissance, bypassing a web ...May 20, 2024
A new XSS bypass for Cloudflare WAF has been discovered. The payload used is %3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E. This bypass allows ex ...May 20, 2024
An advanced XSS WAF bypass payload has been shared. Stay tuned for more details on the Telegram channel: https://t.co/jVWM0SeHOp
For more insights, che ...May 18, 2024
A tweet mentioning a Cloudflare WAF Bypass. The tweet discusses decoding Cloudflare and understanding its functionality, specifically highlighting a b ...May 18, 2024
The tweet suggests a SQL injection vulnerability in a BMW program with a strong WAF blocking the bypass attempts. It mentions trying various bypass an ...May 18, 2024
A stored XSS vulnerability was discovered on a private bug bounty program at HackerOne. The bypass payload used was '<Img Src=OnXSS OnError=co ...May 18, 2024
The tweet mentions a WAF Bypass Tool that can analyze the security of any WAF for False Positives and False Negatives using predefined and customizabl ...May 18, 2024
The tweet suggests the user can help bypass a Web Application Firewall (WAF). More information is needed to analyze the specific vulnerability type, b ...May 18, 2024
A blogpost has been made about a Cloudflare WAF Bypass using the payload 'DelvingintoCloudflareReverseProxy:UnmaskingWebsites'. More technic ...May 18, 2024
A stored XSS vulnerability was discovered in a private bug bounty program hosted on HackerOne. The bypass payload used was <Img Src=OnXSS OnError=c ...May 18, 2024
The tweet contains a potential XSS bypass payload. More information is needed to determine the specific details of the bypass.
For more details, check ...April 24, 2024
A Remote Code Execution (RCE) vulnerability was exploited using Server-Side Template Injection (SSTI) on a Spring Boot Error Page with an Akamai WAF B ...April 24, 2024
The tweet suggests that WAFs are not foolproof and can be bypassed over time. The quote 'If there is a WAF there is a way' implies that ther ...April 24, 2024
A Cloudflare WAF bypass was discovered with the payload %3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E. This payload exploits a Cross-Site Scripti ...April 24, 2024
In a recent CTF (DiceCTF), a vulnerability was discovered that allowed for bypassing a WAF using ejs template injection. This technique involves setti ...April 24, 2024
A bypass for Cloudflare WAF has been discovered for XSS vulnerability. The payload used for bypass is <inpuT autofocus oNFocus="setTimeout(fun ...April 24, 2024
A new XSS bypass has been discovered for Cloudflare WAF. The payload used for bypass is %3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E. This bypas ...April 24, 2024
A new XSS bypass for Cloudflare WAF has been discovered. The payload used is %3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E. This bypass allows an ...April 24, 2024
A tweet asking if Akamai WAF has been bypassed for prototype pollution. Prototype pollution is a type of vulnerability. It seems like the tweet is inq ...April 24, 2024
The tweet mentions that there are other public search payloads available for WAF bypass. It is important to analyze and test these payloads to ensure ...April 24, 2024
The tweet suggests that the user found a bug in the Palestinian government's endpoint which was forbidden and protected by a WAF. The user claims ...April 24, 2024
A repository containing WAF bypass payloads for XSS has been shared. These payloads are designed to bypass various Web Application Firewalls. Security ...April 23, 2024
The tweet mentions the need to try and find a WAF bypass. Since the vendor is unknown and there is no specific payload mentioned, it is important to g ...April 23, 2024
The tweet mentions bypassing a custom WAF in just 2 minutes. This indicates a potential vulnerability in the custom WAF configuration. It is important ...April 23, 2024
The tweet describes a concerning security issue where the speaker claims to be able to identify the origin IP and bypass the WAF in a short amount of ...April 23, 2024
A SQL Injection bypass technique was used to extract user passwords from the users table. The input was placed between %% and a WAF that replaces /* a ...April 23, 2024