Dive into an in-depth exploration of Web Application Firewall (WAF) bypass techniques in this 26-minute conference talk from h@cktivitycon 2020. Gain practical insights into WAF operations and discover novel methods for demonstrating the impact of cross-site scripting (XSS) vulnerabilities, even when protected by sophisticated WAFs. Learn why reflected XSS remains a valid vulnerability despite WAF presence, and explore the increasing complexity and resilience of modern WAFs. Equip yourself with advanced knowledge to navigate the evolving landscape of web application security and penetration testing.
Overview
Syllabus
h@cktivitycon 2020: WAF Bypass In Depth
Taught by
HackerOne