Archive

WAF bypass by ott3rly

The tweet mentions using custom XOR payloads added to sqlmap's boolean_blind.xml file to bypass WAF protection for SQL Injection. This technique ... May 29, 2024

WAF bypass by iSecurity

Security experts have disclosed advanced methods for bypassing Web Application Firewalls (WAFs) on a large scale, and they have also introduced a new ... May 29, 2024

WAF bypass by its_Loksh_P

The tweet discusses using encodings in HTML tags to inject symbols at specific points to bypass WAF, filters, and sanitizers. This technique can be us ... May 29, 2024

WAF bypass by The_Cyber_News

Researchers have detailed modern WAF bypass techniques with a Burp Suite plugin. This plugin introduces advanced methods for bypassing Web Application ... May 29, 2024

WAF bypass by d0nutptr

The tweet mentions a WAF bypass not being technically interesting in terms of improving security. It highlights that while WAF bypasses may circulate ... May 29, 2024

WAF bypass by d0nutptr

An interesting perspective on WAF bypass and XSS protection. While WAFs may have limitations as a security boundary, Content Security Policy (CSP) is ... May 29, 2024

WAF bypass by AnmolSecSavvy

A Shodan WAF bypass has been discovered and shared in a tweet. The bypass payload used is specifically designed for Shodan WAF. This tweet mistakenly ... May 29, 2024

WAF bypass by tbbhunter

The tweet discusses modern WAF bypass techniques on large attack surfaces. It highlights the evolving challenges faced in bypassing Web Application Fi ... May 28, 2024

WAF bypass by KaafUzair

The tweet mentions completing the 'WAF Bypass - Exclude spaces' challenge on @YesWeHack. The challenge likely involved bypassing a WAF by ex ... May 27, 2024

WAF bypass by GodfatherOrwa

A new tip has been shared regarding bypassing Akamai WAF by loading huge parameters to the request. This method allows for accessing inaccessible host ... May 27, 2024

WAF bypass by Jhaddix

The tweet mentions a presentation on WAF bypass using socks + proxying tools. This type of bypass can be used for various types of vulnerabilities acr ... May 26, 2024

WAF bypass by h4x0r_dz

Changing or adding headers, especially the Content-Type, can be an effective and easy way to bypass a Web Application Firewall (WAF). This method can ... May 26, 2024

WAF bypass by doz995764

The tweet mentions a fantastic WAF bypass lecture with slides from yesterday. Unfortunately, the vendor of the WAF is not specified. It's importa ... May 26, 2024

WAF bypass by ehack_web

The tweet indicates an attempt to bypass a Web Application Firewall (WAF) without specifying the vulnerability type or vendor. It mentions quickly gra ... May 26, 2024

WAF bypass by BO_Potatos

The user is experiencing difficulties bypassing a WAF for SQL Injection despite successfully sending the payload through Burp. More investigation is n ... May 25, 2024

WAF bypass by VictoriqueM

The tweet highlights a curiosity about bypassing Cloudflare WAF, mentioning it as a never-ending battle. The post suggests that bypassing WAFs like Cl ... May 25, 2024

WAF bypass by VictoriqueM

The tweet highlights an ironic situation where a website promotes an 'update-proof solution' but directs users to a login page protected beh ... May 25, 2024

WAF bypass by A7medBasiony

A working payload has been discovered to bypass CloudFront WAF. This is a significant vulnerability that affects CloudFront's WAF protection. The ... May 24, 2024

WAF bypass by A7medBasiony

A Cross-Site Scripting (XSS) payload was discovered to bypass CloudFront WAF when the payload was reflected in the location function. The payload  ... May 24, 2024

WAF bypass by Anastasis_King

The tweet mentions the top XSS WAF bypass payloads. It is important to note that XSS vulnerabilities can pose a serious threat to web applications. Th ... May 24, 2024

WAF bypass by 0xRAYAN7

BugHuntingTips tweeted about top XSS WAF bypass payloads for CloudFlare WAF. Payloads include various XSS vectors such as <svg onload=alert& ... May 24, 2024

WAF bypass by 0xRAYAN7

BugHuntingTips shared some top XSS WAF bypass payloads for CloudFlare WAF. The payloads include various encoded SVG elements triggering alert and conf ... May 24, 2024

WAF bypass by shivam_tiwari22

The tweet mentions exploring the top XSS WAF bypass payloads for various WAF vendors including Akamai, CloudFlare, CloudFront, ModSecurity, and Imperv ... May 24, 2024

WAF bypass by az7rb

The tweet suggests bypassing WAF by searching for the real IP address using DNS History and Subdomains. The recommendation is to use securitytrails.co ... May 24, 2024

WAF bypass by snfiidev

The tweet mentions a request for bypassing Cloudflare WAF. The details of the bypass payload are unknown, but it seems someone is seeking help to bypa ... May 24, 2024

WAF bypass by Sajjadabbas900

This tweet contains a link to a potential WAF bypass. Further analysis is needed to determine the vulnerability type and WAF vendor. It is important t ... May 24, 2024

WAF bypass by DuncanCitizen2

A new XSS bypass was discovered for Imperva WAF. The payload used was <img src=x onerror=alert(1)>. This bypass allows malicious code to be exec ... May 24, 2024

WAF bypass by shaharia_munna

The tweet mentions a collection of top XSS WAF bypass payloads. This could be useful for bypassing various Web Application Firewalls (WAFs) that prote ... May 24, 2024

WAF bypass by allinone_cyber

A XSS WAF bypass was discovered by @coffinxp7. The bypass payload used was <script>alert(1)</script>. The WAF vendor is unknown. More deta ... May 24, 2024

WAF bypass by coffinxp7 – May 24, 2024

The tweet mentions XOR payloads that can bypass many WAFs by using the XOR operator to obfuscate payloads. This technique makes WAFs easily bypassed. ... May 24, 2024