New tool gives 150 ways to bypass web app firewalls


#1 TheSentinel
Posted 26 July 2012 - 03:46 PM

New tool gives 150 ways to bypass web app firewalls
Released at Black Hat, tool can test if web application firewalls are vulnerable to protocol-level evasion techniques
By Lucian Constantin
July 25, 2012 09:23 PM ET

IDG News Service - A tool for testing if web application firewalls (WAFs) are vulnerable to around 150 protocol-level evasion techniques was released at the Black Hat USA 2010 security conference on Wednesday.

The tool and the research that went into its creation are the work of Ivan Ristic, director of engineering at security vendor Qualys and the original author of the popular ModSecurity Web application firewall.

Web application firewalls are designed to protect web applications from known attacks, such as SQL injection attacks, that are commonly used to compromise websites. They do this by intercepting requests sent by clients and enforcing strict rules about their formatting and payload.

However, there are various methods for sneaking malicious requests that violate these rules past WAFs by modifying certain parts of their headers or the paths of requested URLs. These are known as protocol-level evasion techniques, and WAFs are not properly equipped to deal with them at the moment because the techniques are not very well documented, Ristic said.
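As an added defender-side illustration (not code from the article or from Ristic's tool), the following hypothetical rule checker shows why a WAF has to canonicalise the request path before applying a rule: the same request written with percent-encoding or redundant path segments slips past a rule that only inspects raw bytes. The blocked-path list and the sample paths are constructed.

```python
"""Canonicalise a request path before matching WAF rules.

Constructed example: a naive matcher compares the raw path against a
block list, a canonicalising matcher decodes and normalises first.
Header values would be treated the same way; only the path is shown.
"""
import posixpath
from urllib.parse import unquote

# Constructed rule list (hypothetical): requests reaching these paths are blocked.
BLOCKED_PATHS = ("/admin/config", "/etc/passwd")

# Assumption: the protected backend decodes at most this many times, so the
# WAF must decode at least as deeply to see what the backend will see.
MAX_DECODE_ROUNDS = 3


def naive_check(path: str) -> bool:
    """Match the raw path bytes against the rule list (the weak form)."""
    return any(target in path for target in BLOCKED_PATHS)


def canonical_path(path: str) -> str:
    """Percent-decode until stable (bounded), then collapse '.', '..'
    and repeated slashes so equivalent spellings become one string."""
    decoded = path
    for _ in range(MAX_DECODE_ROUNDS):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    norm = posixpath.normpath(decoded)
    # normpath drops a trailing slash; keep it so "/a/" and "/a" stay distinct.
    if decoded.endswith("/") and not norm.endswith("/"):
        norm += "/"
    return norm


def canonical_check(path: str) -> bool:
    """Match the canonical form against the rule list (the hardened form)."""
    return any(target in canonical_path(path) for target in BLOCKED_PATHS)
```

Running `naive_check` and `canonical_check` over variants such as `/admin/./config` or `/%61dmin/config` shows the naive matcher letting them through while the canonicalising one blocks them.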
