Another Brick Off the Wall - Deconstructing Web Application Firewalls Using Automata Learning

Explore the intricacies of Web Application Firewalls (WAFs) and learn advanced techniques for auditing and bypassing them in this 44-minute Black Hat conference talk. Delve into the fundamental concepts of WAFs, their importance in modern application security, and the challenges associated with their auditing. Discover how code injection attacks relate to parsing problems and gain insights into WAF internals and rulesets. Examine the reasons behind WAF bypasses and understand the role of context-free grammars in web security. Dive deep into automata learning, including learning models, deterministic finite automata (DFAs), and symbolic finite automata (SFA). Learn about the innovative Grammar Oriented Filter Auditing (GOFA) approach and its application in generating XSS bypasses and program fingerprints. Explore the modular design of GOFA, including core modules and built-in query handlers. Gain practical knowledge on using GOFA modules and HTTP handlers for effective WAF auditing. Enhance your understanding of web application security and acquire valuable skills for identifying and addressing vulnerabilities in WAF implementations.