Confessions of a WAF Developer - Protocol-Level Evasion of Web App Firewalls

Offered By: Black Hat via YouTube

Course Description

Overview

Explore protocol-level evasion techniques for Web Application Firewalls (WAFs) in this Black Hat USA 2012 conference talk. Delve into the vulnerabilities of virtual patches and learn how attacks can become virtually invisible through lower-level processing manipulation. Discover lessons from a decade of WAF development, including a previously unknown flaw in ModSecurity. Gain insights into various evasion methods, their effectiveness against different tools, and how to counter them. Access a comprehensive catalogue of protocol-level evasion techniques and a complete testing suite released as part of this presentation.

Syllabus

Intro
True Evasion Story
Impedance Mismatch
Protocol-Level Evasion Overview
Virtual Patching
Attacking Patch Activation
Self-Contained ModSecurity Rules
Backend Feature Variations
Path Parameters Again
Short Filenames on Windows
Path Evasion against IIS 5.1
Path Handling of Major Platforms
Tricks with PHP Parameter Names
Invalid URL Encoding
Content Type Evasion
ModSecurity Bypass
Multipart Format Overview
ModSecurity CRS Bypass
Content-Type Evasion
PHP Source Code
Boundary Evasion
Parameter Type Evasion
Multipart Evasion Summary


Taught by

Black Hat
