WAF bypass

bypass学习资料

  1. 门神WAF众测总结 重点

https://security.tencent.com/index.php/blog/msg/151

2.WAF的介绍与WAF绕过原理

https://cloud.tencent.com/developer/article/1536637

3.WAF绕过奇技淫巧之SQL注入

https://www.ms509.com/2020/06/24/Waf-Bypass-Sql/

4.Bypass WAF Cookbook

https://wooyun.js.org/drops/Bypass%20WAF%20Cookbook.html

5.TSRC挑战赛:WAF之SQL注入绕过挑战实录

https://security.tencent.com/index.php/blog/msg/66

6.浅谈WAF绕过技巧

https://mp.weixin.qq.com/s/Qn-zh7SwG9wA3dGEz_AEqA

开源项目

1.xwaf

https://github.com/3xp10it/xwaf

2.whatwaf

https://github.com/Ekultek/WhatWaf

3.Awesome-WAF

https://github.com/0xInfection/Awesome-WAF

AI bypass

开源项目:

1.waf-a-mole

https://github.com/AvalZ/waf-a-mole

论文:

1.A Machine Learning-Driven Evolutionary
Approach for Testing Web Application Firewalls

2.Detection and Prevention Approach to SQLi and Phishing Attack using Machine Learning

3.Improving Web Application Firewalls to detect
advanced SQL injection attacks

4.WAF-A-MoLE: An adversarial tool for assessing ML-based WAFs

发表评论

Fill in your details below or click an icon to log in:

WordPress.com 徽标

您正在使用您的 WordPress.com 账号评论。 登出 /  更改 )

Google photo

您正在使用您的 Google 账号评论。 登出 /  更改 )

Twitter picture

您正在使用您的 Twitter 账号评论。 登出 /  更改 )

Facebook photo

您正在使用您的 Facebook 账号评论。 登出 /  更改 )

Connecting to %s