In WAF we (should not) trust

blog.quarkslab.com · Keissy BOD · 7 days ago

0 net

Deep dive into Web Application Firewall (WAF) bypasses, from misconfiguration exploitation to crafting obfuscated payloads. We show the impact of the parsing discrepancy between how a WAF reads a request and how a backend executes it. It is not a bug, it is a feature.

← Back to stories