bypass学习资料

1. 门神WAF众测总结 重点

https://security.tencent.com/index.php/blog/msg/151

2.WAF的介绍与WAF绕过原理

https://cloud.tencent.com/developer/article/1536637

3.WAF绕过奇技淫巧之SQL注入

https://www.ms509.com/2020/06/24/Waf-Bypass-Sql/

4.Bypass WAF Cookbook

https://wooyun.js.org/drops/Bypass%20WAF%20Cookbook.html

5.TSRC挑战赛：WAF之SQL注入绕过挑战实录

https://security.tencent.com/index.php/blog/msg/66

6.浅谈WAF绕过技巧

https://mp.weixin.qq.com/s/Qn-zh7SwG9wA3dGEz_AEqA

开源项目

1.xwaf

https://github.com/3xp10it/xwaf

2.whatwaf

https://github.com/Ekultek/WhatWaf

3.Awesome-WAF

https://github.com/0xInfection/Awesome-WAF

AI bypass

开源项目：

1.waf-a-mole

https://github.com/AvalZ/waf-a-mole

论文：

1.A Machine Learning-Driven Evolutionary
Approach for Testing Web Application Firewalls

2.Detection and Prevention Approach to SQLi and Phishing Attack using Machine Learning

3.Improving Web Application Firewalls to detect
advanced SQL injection attacks

4.WAF-A-MoLE: An adversarial tool for assessing ML-based WAFs