mechanisms

Recommendations

Info

Results 300+ potential bypasses Most “vulnerable”: PHPIDS (E = 1,15) Less “vulnerable”: Comodo WAF (E = 0,32) Most “exploitable”: OWASP CRS3-rc (E = 0,89) E = Potential bypasses / Total rules
METHOD I: Syntax bypass Of regular expressions Enumerate all possible and invent all impossible mistakes
Page 2 and 3: Web Application Firewalls: Attackin
Page 4 and 5: Agenda 1. Introduction 2. Detection
Page 6 and 7: WAF workflow example Stage 1: Parse
Page 8 and 9: Regular expression… …is a seque
Page 12 and 13: What’s wrong with regexp? Level:
Page 20 and 21: Regular expressions: Security cheat
Page 22 and 23: Target audience Not only WAFs use R
Page 24 and 25: ^(?:ht|f)tps?://(.*)$
Page 26 and 27: QuickDefense WAF: Attackers are laz
Page 28 and 29: JavaScript checker in real-life web
Page 30 and 31: JavaScript checker in real-life web
Page 32 and 33: EdgeHTML.dll IE+Edge XSS Auditor
Page 34 and 35: EdgeHTML.dll Regexp bypass. Result:
Page 36 and 37: (?:div|like|between|and|not )\s+\w)
Page 38 and 39: What’s next? 1. Identify WAF vend
Page 40 and 41: ModSecurity SQLi Bypass Basic SQLi
Page 42 and 43: What’s next? 1. Identify WAF vend
Page 44 and 45: Blacklists fail #1 https://github.c
Page 46 and 47: Researches success @mazen160
Page 48 and 49: METHOD III: Unexpected by primary l
Page 50 and 51: XSS Fuzzer
Page 52 and 53: libinjection
Page 54 and 55: SQL fuzzer
Page 56 and 57: SQL Fuzzer: Results
Page 58 and 59: TODO 1. Update Regular Expression S
Page 60:
Thank you Arseniy Sharoglazov (Con
show all

mechanisms

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?