The tweet highlights a significant cybersecurity concern about Web Application Firewalls (WAFs), specifically Cloud Armor's 2024 policy. It sugge ...July 28, 2025
This tweet shares a penetration testing tip regarding bypassing Web Application Firewall (WAF) protections. It suggests that instead of scanning JavaS ...July 28, 2025
This tweet claims a method to bypass a Web Application Firewall (WAF) specifically to exploit Stored Cross-Site Scripting (XSS) vulnerabilities. The a ...July 28, 2025
The tweet is asking about strategies to bypass a Web Application Firewall (WAF) when generic payloads are blocked, and how to create new payloads. It ...July 28, 2025
Akamai WAF, a widely used web application firewall, has been bypassed using clever JavaScript payloads leveraging the replace function in different fo ...July 27, 2025
This bypass technique exploits the use of multibyte character encodings, specifically GBK or other East Asian encodings, to evade Web Application Fire ...July 25, 2025
This tweet describes an exploratory attempt to bypass a Web Application Firewall (WAF) using an event handler payload. The individual notes that the t ...July 25, 2025
This tweet highlights an important fact about Web Application Firewalls (WAFs): they are not completely foolproof against SQL Injection (SQLi) attacks ...July 24, 2025
The tweet highlights a security product named ThreatNG that has an ability compared to the cartoon character Bugs Bunny, who cleverly identifies and d ...July 24, 2025
This tweet reveals a Web Application Firewall (WAF) bypass targeting Cloudflare's WAF. The bypass payload involves injecting a Cross-Site Scripti ...July 23, 2025
This tweet highlights an Exploit Panel feature built into a security testing tool. It allows instant testing of various vulnerabilities with both auto ...July 22, 2025
This tweet showcases bypass payloads for Cross-Site Scripting (XSS) vulnerabilities against three major Web Application Firewalls (WAFs): CloudFlare, ...July 21, 2025
This tweet refers to a security bypass affecting Imperva's Web Application Firewall (WAF). According to the tweet, the Imperva team attempted to ...July 21, 2025
This tweet is an invitation to learn more about bypassing Web Application Firewalls (WAFs) by visiting a shared resource linked in the tweet. It highl ...July 20, 2025
This tweet provides an overview of topics related to XXE (XML External Entity) attacks as part of a 14-day series on attack techniques. It covers what ...July 19, 2025
In this tweet, the user points out an interesting characteristic of JavaScript's handling of big integers. JavaScript allows the use of a 'b ...July 19, 2025
The WAFFLED attack is a new technique that targets major Web Application Firewalls (WAFs) including AWS WAF, Azure WAF, Google Cloud Armor, Cloudflare ...July 19, 2025
This tweet introduces an XSS payload that is designed to bypass Microsoft's 2025 Web Application Firewall (WAF). The payload is an HTML input ele ...July 18, 2025
This tweet encourages pentesters and cybersecurity enthusiasts to enhance their skills by learning advanced WAF bypass techniques. It suggests that th ...July 18, 2025
This tweet discusses a Web Application Firewall (WAF) bypass technique using junk data. This trick has been known for 13 years and is a universal meth ...July 18, 2025
This tweet references a WAF bypass technique that involves using 'junk data' to evade detection. The trick has been known for around 13 year ...July 18, 2025
This tweet shares information about an XSS payload WAF bypass, highlighting advanced techniques used for modern web security. However, the exact paylo ...July 18, 2025
This tweet is a question directed at a user asking how they bypassed a Web Application Firewall (WAF). There is no specific information about the vuln ...July 17, 2025
This tweet brings attention to the fact that not all Web Application Firewall (WAF) bypass techniques are obsolete. Some evasion tactics remain effect ...July 16, 2025
This tweet mentions multiple security researchers and exploits, including FortiWeb RCE and WAF bypass by various researchers. It highlights vulnerabil ...July 16, 2025
The tweet mentions an XSS (Cross-Site Scripting) WAF bypass in the context of the Ekoparty bug bounty village and Bug Bounty Argentina events. However ...July 16, 2025
This tweet highlights a common challenge developers face with Cloudflare's Web Application Firewall (WAF). Cloudflare's WAF is designed to p ...July 16, 2025
This tweet describes an attempt to bypass a Web Application Firewall (WAF) in order to gather database names and banners. Initially, the attempt was m ...July 15, 2025
This tweet announces a new writeup by Raymond Van Wart regarding a Cross-Site Scripting (XSS) vulnerability bypassing the Cloudflare Web Application F ...July 15, 2025