YoVDO

Confessions of a WAF Developer - Protocol-Level Evasion of Web App Firewalls

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Web Development Courses Cybersecurity Courses PHP Courses Web Application Firewalls Courses ModSecurity Courses

Course Description

Overview

Explore protocol-level evasion techniques for Web Application Firewalls (WAFs) in this Black Hat USA 2012 conference talk. Delve into the vulnerabilities of virtual patches and learn how attacks can become virtually invisible through lower-level processing manipulation. Discover lessons from a decade of WAF development, including a previously unknown flaw in ModSecurity. Gain insights into various evasion methods, their effectiveness against different tools, and how to counter them. Access a comprehensive catalogue of protocol-level evasion techniques and a complete testing suite released as part of this presentation.

Syllabus

Intro
True Evasion Story
mpedance Mismatch
Protocol-Level Evasion Overview
Virtual Patching
attacking Patch Activation
Self-Contained ModSecurity Rules
Backend Feature Variations
Path Parameters Again
Short Filenames on Windows
Path Evasion against IIS 5.1
Path Handling of Major Platforms
Tricks with PHP Parameter Names
nvalid URL Encoding
Content Type Evasion
ModSecurity Bypass
Multipart Format Overview
ModSecurity CRS Bypass
Content-Type Evasion
PHP Source Code
Boundary Evasion
Parameter Type Evasion
Multipart Evasion Summary


Taught by

Black Hat

Related Courses

Secure Your Code - Injections and Logging
Pluralsight Introduction to the OWASP ModSecurity Core Rule Set
nullcon via YouTube Implementing AppSensor in ModSecurity
LASCON via YouTube OWASP Flagship Projects - OWASP ModSecurity Core Rule Set
OWASP Foundation via YouTube Practical OWASP CRS in High Security Settings
OWASP Foundation via YouTube