Web Application Firewalls - Analysis of Detection Logic
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the intricacies of Web Application Firewall (WAF) detection logic in this 40-minute Black Hat conference talk. Delve into the core mechanisms of WAFs, focusing on regular expression-based detection. Analyze the security of six popular open-source WAFs, including OWASP CRS 2 and 3 (ModSecurity), Comodo WAF, PHPIDS, QuickDefense, and Libinjection. Discover a new Static Application Security Testing (SAST) tool designed to uncover security flaws in regular expression syntax. Learn how to apply a "regex security cheatsheet" to examine rules from popular WAFs and identify logical flaws. Uncover unexpected attack vectors for Cross-Site Scripting and SQL-Injection (MySQL, MSSQL, Oracle) using advanced fuzz testing techniques. Gain insights into clustering and representing attack vectors through look-up tables, useful for both attackers and defenders. Explore over 15 new bypass vectors and understand the potential weaknesses in WAF detection logic, with an indication of more than 300 possible vulnerabilities.
Syllabus
Web Application Firewalls: Analysis of Detection Logic
Taught by
Black Hat
Related Courses
Evaluating Fuzz Testing
Association for Computing Machinery (ACM) via YouTube
O'Dea Assertions Untwining the Security of the SAML Protocol
nullcon via YouTube
Fuzz Smarter, Not Harder - An AFL-Fuzz Primer
Security BSides San Francisco via YouTube
A Practical Guide to Fuzz Testing Embedded Software in a CI Pipeline - Dennis Kengo Oka - Ekoparty 2021: Hardware Hacking Space
Ekoparty Security Conference via YouTube
Google Reimagined a Phone - It Was Our Job to Red Team and Secure It
Black Hat via YouTube