A guide to non-conventional WAF/IDS evasion techniques January 22, 2022, 04:48:30 pm Initiating connection via direct IP accessSwitching up protocolsManipulation of HTTP headersManipulation of parameter namesCR/LF, Null terminators, and other control charsHTTP Parameter PollutionHTTP Verb TamperingHTTP Request SmugglingDefeating Virtual PatchingSession SplicingDenial-of-Service and Resource ExhaustionExplanation in the article:https://blog.0xffff.info/2021/07/24/a-guide-to-non-conventional-waf-ids-evasion-techniques/
Re: A guide to non-conventional WAF/IDS evasion techniques Reply #1 – January 22, 2022, 04:48:43 pm Backupshttps://web.archive.org/web/20210731223520/https://blog.0xffff.info/2021/07/24/a-guide-to-non-conventional-waf-ids-evasion-techniques/https://archive.st/archive/2021/7/blog.0xffff.info/ojzg/blog.0xffff.info/2021/07/24/a-guide-to-non-conventional-waf-ids-evasion-techniques/index.htmlhttps://archive.is/DhbIn