This tweet references a WAF bypass technique that involves using 'junk data' to evade detection. The trick has been known for around 13 year ... (July 18, 2025)
This tweet shares information about an XSS payload WAF bypass, highlighting advanced techniques used for modern web security. However, the exact paylo ... (July 18, 2025)
This tweet is a question directed at a user asking how they bypassed a Web Application Firewall (WAF). There is no specific information about the vuln ... (July 17, 2025)
This tweet brings attention to the fact that not all Web Application Firewall (WAF) bypass techniques are obsolete. Some evasion tactics remain effect ... (July 16, 2025)
This tweet mentions multiple security researchers and exploits, including FortiWeb RCE and WAF bypass by various researchers. It highlights vulnerabil ... (July 16, 2025)
The tweet mentions an XSS (Cross-Site Scripting) WAF bypass in the context of the Ekoparty bug bounty village and Bug Bounty Argentina events. However ... (July 16, 2025)
This tweet highlights a common challenge developers face with Cloudflare's Web Application Firewall (WAF). Cloudflare's WAF is designed to p ... (July 16, 2025)
This tweet describes an attempt to bypass a Web Application Firewall (WAF) in order to gather database names and banners. Initially, the attempt was m ... (July 15, 2025)
This tweet announces a new writeup by Raymond Van Wart regarding a Cross-Site Scripting (XSS) vulnerability bypassing the Cloudflare Web Application F ... (July 15, 2025)
This tweet is part of a series (#Day13) focusing on attack techniques related to SQL Injection (SQLi). It covers several aspects including an explanat ... (July 15, 2025)
This tweet mentions concepts around WAF (Web Application Firewall) bypass techniques and defenses. It references the use of web bugs and WAF bypass st ... (July 15, 2025)
This tweet provides a thread of resources for learning about Web Application Firewalls (WAFs) and methods to bypass them. It includes links to great W ... (July 14, 2025)
The tweet criticizes common WAF bypass payloads found online, stating that most of them are fake or ineffective. It reflects frustration with the qual ... (July 14, 2025)
The tweet shares a variety of learning resources for bug bounty hunters and security researchers, including guides, methodologies, and attack strategi ... (July 14, 2025)
This blogpost will focus on an educational discussion about a vulnerability related to Azure Front Door WAF, specifically about bypassing IP restricti ... (July 12, 2025)
The tweet suggests that bypassing the WAF to exploit XSS (Cross-Site Scripting) or finding CSRF (Cross-Site Request Forgery) vulnerabilities on the ma ... (July 12, 2025)
This post discusses a bypass for Azure Front Door Web Application Firewall (WAF) specifically targeting the IP restriction feature. Normally, IP restr ... (July 11, 2025)
This tweet discusses a subtle but important distinction in the way WAFs (Web Application Firewalls) may handle IP restrictions. It compares RemoteAddr ... (July 11, 2025)
This tweet discusses a common issue with Azure Front Door Web Application Firewall (WAF). The issue can be seen either as a misconfiguration or a feat ... (July 11, 2025)
This tweet warns about a significant security vulnerability in Azure's Front Door Web Application Firewall (WAF). The issue involves bypassing IP ... (July 11, 2025)
This tweet reveals a new bypass method targeting AWS WAF, a widely-used web application firewall. The bypass affects universal vulnerability detection ... (July 11, 2025)
This blog post explains a WAF bypass discovered on Fortinet's FortiWAF related to Blind SQL Injection (SQLi). FortiWAF is a popular web applicati ... (July 10, 2025)
This tweet shares information about Web Application Firewall (WAF) bypass techniques that are expected to work in 2025. It could be useful for securit ... (July 9, 2025)
This tweet talks about a new method called #KNOXSS, developed by @BRuteLogic, which uses advanced HTML injection (HTMLi) vectors and JavaScript inject ... (July 9, 2025)
The tweet introduces Recon Reasoner, which is described as an AI-enhanced reconnaissance tool. This tool is designed to assist security researchers an ... (July 8, 2025)
This tweet suggests a discussion about bypassing Web Application Firewalls (WAFs) as opposed to Content Security Policies (CSP). The user indicates a ... (July 8, 2025)
This tweet shares a checklist video related to bypassing Web Application Firewalls (WAFs). It is aimed at bug bounty hunters and security researchers ... (July 7, 2025)
This WAF bypass concerns a Content Security Policy (CSP) bypass vulnerability. The bypass payload includes using the <base> HTML tag in a way th ... (July 6, 2025)
This tweet shares learning topics about various web security issues including Blind and Out-of-Band SQL Injection, Cross-Site Scripting (XSS), Web App ... (July 6, 2025)
This tweet expresses skepticism about claims of bypassing Cloudflare WAF with various payloads. The user points out that Cloudflare WAF never allows e ... (July 5, 2025)