This tweet points out a bypass technique involving WAF (Web Application Firewall) protection provided by Cloudflare through the use of Proxychain. The ...August 2, 2025
In this blog post, we discuss a recent finding where a team of security researchers, including @0xmagdy and @h_hussein11, successfully bypassed a Web ...August 2, 2025
This tweet suggests a bypass technique for web application firewalls (WAFs) where prepending junk data to the payload can help bypass detection. Unlik ...July 30, 2025
This tweet highlights two methods for bypassing web application firewalls (WAFs) commonly used to protect web applications. First is Parameter Polluti ...July 30, 2025
This blogpost talks about a Web Application Firewall (WAF) bypass related to F5 WAFs and reverse proxies. F5 is a well-known vendor providing security ...July 30, 2025
CerberusX Tool is a new security tool designed to detect multiple types of Cross-Site Scripting (XSS) vulnerabilities. It also features automatic craw ...July 30, 2025
This tweet discusses a situation where a security researcher or attacker has identified a possible SQL injection (SQLi) vulnerability in a target webs ...July 30, 2025
The tweet is a request asking for an approach on how to bypass a Web Application Firewall (WAF) for Cross-Site Scripting (XSS) vulnerabilities. It doe ...July 29, 2025
The tweet hints at a possible way to bypass a Web Application Firewall (WAF) by changing the user agent (UA) to a mobile browser UA string. The idea i ...July 29, 2025
This tweet recommends using HTTP Request Smuggler as a top plugin in Burp Suite for effective bypass of Web Application Firewalls (WAFs) via HTTP requ ...July 29, 2025
The tweet highlights a significant cybersecurity concern about Web Application Firewalls (WAFs), specifically Cloud Armor's 2024 policy. It sugge ...July 28, 2025
This tweet shares a penetration testing tip regarding bypassing Web Application Firewall (WAF) protections. It suggests that instead of scanning JavaS ...July 28, 2025
This tweet claims a method to bypass a Web Application Firewall (WAF) specifically to exploit Stored Cross-Site Scripting (XSS) vulnerabilities. The a ...July 28, 2025
The tweet is asking about strategies to bypass a Web Application Firewall (WAF) when generic payloads are blocked, and how to create new payloads. It ...July 28, 2025
Akamai WAF, a widely used web application firewall, has been bypassed using clever JavaScript payloads leveraging the replace function in different fo ...July 27, 2025
This bypass technique exploits the use of multibyte character encodings, specifically GBK or other East Asian encodings, to evade Web Application Fire ...July 25, 2025
This tweet describes an exploratory attempt to bypass a Web Application Firewall (WAF) using an event handler payload. The individual notes that the t ...July 25, 2025
This tweet highlights an important fact about Web Application Firewalls (WAFs): they are not completely foolproof against SQL Injection (SQLi) attacks ...July 24, 2025
The tweet highlights a security product named ThreatNG that has an ability compared to the cartoon character Bugs Bunny, who cleverly identifies and d ...July 24, 2025
This tweet reveals a Web Application Firewall (WAF) bypass targeting Cloudflare's WAF. The bypass payload involves injecting a Cross-Site Scripti ...July 23, 2025
This tweet highlights an Exploit Panel feature built into a security testing tool. It allows instant testing of various vulnerabilities with both auto ...July 22, 2025
This tweet showcases bypass payloads for Cross-Site Scripting (XSS) vulnerabilities against three major Web Application Firewalls (WAFs): CloudFlare, ...July 21, 2025
This tweet refers to a security bypass affecting Imperva's Web Application Firewall (WAF). According to the tweet, the Imperva team attempted to ...July 21, 2025
This tweet is an invitation to learn more about bypassing Web Application Firewalls (WAFs) by visiting a shared resource linked in the tweet. It highl ...July 20, 2025
This tweet provides an overview of topics related to XXE (XML External Entity) attacks as part of a 14-day series on attack techniques. It covers what ...July 19, 2025
In this tweet, the user points out an interesting characteristic of JavaScript's handling of big integers. JavaScript allows the use of a 'b ...July 19, 2025
The WAFFLED attack is a new technique that targets major Web Application Firewalls (WAFs) including AWS WAF, Azure WAF, Google Cloud Armor, Cloudflare ...July 19, 2025
This tweet introduces an XSS payload that is designed to bypass Microsoft's 2025 Web Application Firewall (WAF). The payload is an HTML input ele ...July 18, 2025
This tweet encourages pentesters and cybersecurity enthusiasts to enhance their skills by learning advanced WAF bypass techniques. It suggests that th ...July 18, 2025