handbook/tools/3.Web-Hacking/1.Brute-Force/1.Web-proxy/BurpSuite/Bypass/WAF-Bypass.md
2024-08-31 01:07:22 +02:00

General Tactics

More information ---> https://github.com/0xInfection/Awesome-WAF (VERY GOOD): guide to bypassing many WAFs (CloudFlare, aeSecure, ...)

General Option

  • Change User-Agent
    • Powerful User-Agent ---> User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
  • Use headers to confuse the server about the client IP:
    • Origin
    • X-Forwarded-For
    • ...
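
Why the X-Forwarded-For item works, and what to check for in a report (added example, not part of the original notes): a backend that reads the leftmost X-Forwarded-For entry trusts a client-supplied value, while one that walks the chain from the right through known proxies does not. The proxy ranges, addresses and function names are constructed assumptions.

```python
import ipaddress

# Assumption: networks of the reverse proxies / WAF nodes in front of the app (constructed)
TRUSTED_PROXIES = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.0.2.0/24")]


def _is_trusted(ip):
    return any(ip in net for net in TRUSTED_PROXIES)


def naive_client_ip(headers, peer_ip):
    """Weak pattern: leftmost X-Forwarded-For entry, which the client fully controls."""
    xff = headers.get("X-Forwarded-For", "")
    return xff.split(",")[0].strip() if xff else peer_ip


def resolve_client_ip(headers, peer_ip):
    """Hardened pattern: walk the chain right to left, stop at the first untrusted hop."""
    peer = ipaddress.ip_address(peer_ip)
    if not _is_trusted(peer):
        # Connection did not come from our proxy: the header is client data, ignore it
        return str(peer)
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",") if h.strip()]
    current = peer
    for hop in reversed(hops):
        try:
            ip = ipaddress.ip_address(hop)
        except ValueError:
            break  # malformed entry: keep the last address we could verify
        current = ip
        if not _is_trusted(ip):
            break  # first hop outside our infrastructure is the real client
    return str(current)


if __name__ == "__main__":
    # Constructed request: the client sent "X-Forwarded-For: 127.0.0.1" and the
    # trusted proxy at 10.0.0.5 appended the address it actually saw.
    hdrs = {"X-Forwarded-For": "127.0.0.1, 198.51.100.23"}
    print("naive   :", naive_client_ip(hdrs, "10.0.0.5"))
    print("hardened:", resolve_client_ip(hdrs, "10.0.0.5"))
```

If IP allowlists or rate limits key on the naive value, the injected header decides which address they see; with the hardened resolver the proxy-observed address wins.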