Bug Writeup: RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass | A developer's notes in the world of security research and bug bounty, by ...January 5, 2023
Recently, news and research about #WAF bypass technique using JSON-based SQL syntax are making rounds in the interwebs. Arvin Fopalan shares Mitigatin ...January 5, 2023
is it vuln or possible to bypass cloudflare?
@0x_rood @GodfatherOrwa @_0x999
payload:
test",prompt%0A/*HelloWorld*/(document.domain)
output:
var na ...January 5, 2023
How attackers use #credentialstuffing cyberattack tools OpenBullet and MailRanger to bypass #CAPTCHA, compromise mailboxes, and reset passwords. John ...January 4, 2023
RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass
https://t.co/qP9iii0JIp
by @pmnh_
#cybersecurity #infosec #bugbounty #cybersecurityt ...January 3, 2023
Recently, news and research about #WAF bypass technique using JSON-based SQL syntax are making rounds in the interwebs. Arvin Fopalan shares Mitigatin ...January 2, 2023
https://t.co/TwGDDJbgtI
Learn from my first blog on Bug Bounty Reflected XSS Tips for beginners that gave me several high-paying bounties. This blog g ...January 1, 2023
Not sure if this is a new Cloudflare WAF bypass, but all known CF bypasses I tried were blocked. So I played around with the spaces and the on events ...December 30, 2022
Iran ranked first in bot traffic on @cloudflare year in review. Probably because of using various proxies to bypass censorship.
https://t.co/AO1DVwwC ...December 29, 2022
Learn how to bypass Cloudflare using Selenium with this step-by-step guide and make your web scraping projects smoother. https://t.co/a4YGoBHmzn #bypa ...December 29, 2022
Learn about the latest in a string of high profile Multi-Factor Authentication (MFA) Bypass attacks at DropBox. What do these attacks mean for the fut ...December 28, 2022
Google Cloud Armor update on December 28, 2022 https://t.co/Cl6q37RaGG #googlecloud The rule signature 942550-sqli, which covers the vulnerability in ...December 28, 2022
AWS WAF bypass
works on all tags even the meta tag.
(but not for input:hidden)
<x attr="
---
x="=='='onmouseover=confirm`X` style="display:bloc ...December 28, 2022