🔥 Web-application firewalls (WAFs) from a security standpoint.
2019-01-26 06:54:34 +05:30
images Delete text 2019-01-08 12:10:19 +05:30
papers New research papers from qualys 2019-01-26 06:22:58 +05:30
presentations New research papers from qualys 2019-01-26 06:22:58 +05:30
LICENSE Initial commit 2019-01-08 10:27:06 +05:30
README.md Edited content clearly 2019-01-26 06:54:34 +05:30

Awesome WAF Evasion

A curated list of awesome WAF evasion stuff. 🔥

A Concise Definition: A web application firewall is a form of firewall with a set of configured rules that controls input, output, and/or access from, to, or by an application or service. It operates by monitoring and potentially blocking the input, output, or system service calls that do not meet the configured policy of the firewall. (Source: Wikipedia)

Feel free to contribute.

Contents:

Presentations & Research Papers

Presentations:

  • WAF Profiling & Evasion - A WAF testing and evasion guide from OWASP.
  • [Protocol Level WAF Techniques](presentations/BlackHat US 12 - Protocol Level WAF Evasion (Slides).pdf) - A presentation about efficiently evading WAFs at the protocol level from BlackHat US 12.

Research Papers:

  • [WASC WAF Evaluation Criteria](papers/WASC WAF Evaluation Criteria.pdf) - A guide for WAF evaluation from the Web Application Security Consortium.
  • [Protocol Level WAF Evasion](papers/Qualys Guide - Protocol-Level WAF Evasion.pdf) - Protocol-level WAF evasion techniques and analysis by Qualys.
  • WAF Evasion Testing - A WAF evasion testing guide from SANS.