Confessions of a WAF Developer - Protocol-Level Evasion of Web App Firewalls
Offered By: Black Hat via YouTube
Course Description
Overview
Explore protocol-level evasion techniques for Web Application Firewalls (WAFs) in this Black Hat USA 2012 conference talk. Delve into the vulnerabilities of virtual patches and learn how attacks can become virtually invisible through lower-level processing manipulation. Discover lessons from a decade of WAF development, including a previously unknown flaw in ModSecurity. Gain insights into various evasion methods, their effectiveness against different tools, and how to counter them. Access a comprehensive catalogue of protocol-level evasion techniques and a complete testing suite released as part of this presentation.
Syllabus
Intro
True Evasion Story
mpedance Mismatch
Protocol-Level Evasion Overview
Virtual Patching
attacking Patch Activation
Self-Contained ModSecurity Rules
Backend Feature Variations
Path Parameters Again
Short Filenames on Windows
Path Evasion against IIS 5.1
Path Handling of Major Platforms
Tricks with PHP Parameter Names
nvalid URL Encoding
Content Type Evasion
ModSecurity Bypass
Multipart Format Overview
ModSecurity CRS Bypass
Content-Type Evasion
PHP Source Code
Boundary Evasion
Parameter Type Evasion
Multipart Evasion Summary
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network