Archive

WAF bypass by Dinosn

The JYso tool is a versatile tool that can be used for both ysoserial and JNDIExploit. It includes bypass functions for multiple JNDI high versions, W ... August 23, 2024

WAF bypass by CyberYetixx

A Cloudflare WAF bypass for XSS vulnerability has been discovered. The bypass combines simple (but efficient) tricks to evade filters and obfuscation. ... August 22, 2024

WAF bypass by akr3ch

The tweet mentions a successful submission on Bugcrowd for a Reflected XSS vulnerability with a WAF Bypass. The payload used for the bypass is 't ... August 22, 2024

WAF bypass by 0x_rood

The tweet mentions a cool hidden parameter that was discovered along with a WAF bypass. The bypass technique is not specified, and the WAF vendor is u ... August 22, 2024

WAF bypass by Joyerz5

The tweet mentions a method to bypass WAF protection for SQL Injection by using --sql-shell or --os-shell payloads. The mention of tamper to bypass WA ... August 22, 2024

WAF bypass by BrainLabVisions

Forbes website uses a common and easy to bypass WAF to secure their website. The XSS vulnerability can be exploited with the payload <img src=x one ... August 21, 2024

WAF bypass by nemesida_waf

The tweet mentions the release of WAF Bypass Tool 2.1.2 with features like a progress bar and ETA. It encourages users to check their WAF before attac ... August 20, 2024

WAF bypass by binitamshah

The tweet mentions tools WhatWaf and WAFW00F which are used to detect and bypass web application firewalls (WAF) and identify WAF products protecting ... August 20, 2024

WAF bypass by duraidsinno

The tweet mentions a hope for bypassing WAF and blocking filters. It is unclear which specific vulnerability or WAF vendor is being discussed. More in ... August 16, 2024

WAF bypass by r00tSid

This tweet seems to contain a link which could potentially be a bypass payload for a Web Application Firewall (WAF). Further analysis is required to d ... August 16, 2024

WAF bypass by coffinxp7 – August 16, 2024

A tweet suggests using XSS pollyglots to bypass WAF security. This type of bypass utilizes pollyglots to evade security controls. It is recommended to ... August 16, 2024

WAF bypass by imninjavi

The tweet mentions a possible SQL Injection vulnerability in the search feature but unable to prove further due to a WAF. The potential bypass payload ... August 16, 2024

WAF bypass by ULTRAREDonX

The tweet suggests a creative approach to enhancing WAF bypass for XSS attacks. The payload used is <script>alert('XSS bypass!')</s ... August 15, 2024

WAF bypass by chakieeeee

A reflected XSS vulnerability was discovered on a website protected by Akamai WAF using a Google Dork and bypass technique. The tweet suggests moving ... August 15, 2024

WAF bypass by whithat444

The WAF bypass payload provided by @Shad0wH3x and @gregxsunday is unable to bypass Amazon CloudFront. This highlights the robust security measures imp ... August 14, 2024

WAF bypass by bountyoverload

When bypassing a WAF, it's important to remember that not every WAF is configured the same way. Customizing your bypass based on other people ... August 14, 2024

WAF bypass by Shad0wH3x

The tweet mentions that different configurations have been tweaked and successfully bypassed in multiple websites using Cloudflare WAF. The payloads m ... August 14, 2024

WAF bypass by whithat444

A bypass payload has been discovered that can bypass Cloudflare WAF. The payload was successfully tested by @Shad0wH3x and @gregxsunday. This bypass a ... August 14, 2024

WAF bypass by noob_labs

The tweet does not provide enough information to analyze the WAF bypass. Please provide a detailed payload and the WAF vendor for analysis. For more i ... August 14, 2024

WAF bypass by tobias_petry

The tweet mentions the limitation of not having an option in the WAF to bypass captcha. It also suggests using Cloudflare for deactivating certain sec ... August 13, 2024

WAF bypass by ibrahimxss_

A new XSS WAF bypass has been discovered by ibrahimxss. The payload used for bypass is <script>alert(1)</script>. This bypass affects vari ... August 13, 2024

WAF bypass by KonwarAbhi98099

A XSS WAF bypass has been identified affecting Akamai, Cloudflare, Cloudfront, Imperva, Incapsula, and WordFence. The payload <script>alert(1)&l ... August 12, 2024

WAF bypass by LanaJam88979549

The tweet suggests manual endpoint crawling to find parameters that can be exposed, such as 'index.php?I'd=', and manually checking the ... August 12, 2024

WAF bypass by Ahmed54528554

The tweet mentions a SQL injection (SQLi) bypass for WAF (Web Application Firewall). The bypass payload used is 'sqli bypass waf'. This bypa ... August 12, 2024

WAF bypass by 0vulns

The tweet suggests the possibility of manually bypassing a Web Application Firewall (WAF) and offers to code a tamper for that purpose. While the spec ... August 12, 2024

WAF bypass by coffinxp7 – August 11, 2024

This tweet suggests the need to scan ports on internal IP addresses and bypass a Web Application Firewall (WAF). Port scanning is commonly used to ide ... August 11, 2024

WAF bypass by r00tSid

The user encountered issues bypassing Cloudflare and Akamai WAFs while using a SQL injection tool. They were unable to bypass the WAFs using sqlmap or ... August 11, 2024

WAF bypass by MaconF67102

The tweet mentions a Stored XSS vulnerability and a Characters Limitation Bypass used to bypass a Web Application Firewall. The WAF vendor is unspecif ... August 10, 2024

WAF bypass by mqst_

The tweet provides a list of resources related to bypassing WAFs, including tools and websites. It seems to showcase different methods to bypass WAFs ... August 9, 2024

WAF bypass by CyberYetixx

A bypass for XSS has been discovered in Fortinet FortiGate WAF. The payload used for the bypass is <details open ontoggle="(()=>alert`ibrah ... August 9, 2024