How To Exploit PHP Remotely To Bypass Filters & WAF Rules (Jan 6, 2019)
In the last three articles, I’ve been focused on how to bypass WAF rule set in order to exploit a remote command execution. In this…

Web Application Firewall (WAF) Evasion Techniques #3 (Jan 6, 2019)
This article explores how to use an uninitialized Bash variable to bypass WAF regular expression based filters and pattern matching. Let’s…

DNSBL: Not just for spam (Aug 12, 2018)
Using DNS in order to block botnet, spammers and Tor with Nginx, Lua, ModSecurity and FakeDNS

AppArmor: Say Goodbye to Remote Command Execution. (Jul 3, 2018)
How to kill RCE and RFI directly on the php-fpm process. Let’s do a test exploiting Drupalgeddon2.

Web Application Firewall (WAF) Evasion Techniques #2 (Jan 3, 2018)
String concatenation in a Remote Command Execution payload makes you able to bypass firewall rules (Sucuri, ModSecurity)

Detecting human users: Is there a way to block enumeration, fuzz or web scan? (Dec 27, 2017)
No, you won’t be able to totally block them, but you would be surprised how stupid some bots are! Nginx + Lua FTW.

Web Application Firewall (WAF) Evasion Techniques (Dec 8, 2017)
I can read your passwd file with: “/???/??t /???/??ss??”. Having fun with Sucuri WAF, ModSecurity, Paranoia Level and more…

ModSecurity + Elasticsearch + Kibana (Nov 14, 2017)
How to store ModSecurity Audit Logs in Elasticsearch and how to make searches and reports using Kibana