bug-bounty622
facebook464
xss316
google151
rce105
microsoft97
apple65
csrf61
account-takeover54
web354
writeup51
exploit42
sqli41
cve37
ssrf35
cloudflare33
dos33
malware29
privilege-escalation29
defi28
smart-contract-vulnerability25
idor24
subdomain-takeover24
ethereum23
smart-contract23
clickjacking23
access-control21
node21
vulnerability-disclosure21
browser20
auth-bypass20
lfi19
aws19
remote-code-execution18
react17
cloud17
reverse-engineering16
cors16
docker16
oauth15
info-disclosure15
race-condition15
solidity14
authentication-bypass14
supply-chain13
phishing13
wordpress12
denial-of-service11
sql-injection11
delegatecall11
0
A detailed writeup on bypassing Akamai's Kona WAF to exploit a blind SQL injection vulnerability in a Google BigQuery backend by leveraging division-by-zero errors and the STRPOS function to extract database information without triggering WAF detection rules.
sql-injection
waf-bypass
google-bigquery
blind-sql-injection
akamai-kona-waf
bug-bounty
web-application-firewall
division-by-zero
database-exploitation
parameter-injection
Akamai
Google BigQuery
Kona WAF
HackerOne
Duc Nguyen
Burpsuite