Framework for Testing WAFs (FTW) Purpose This project was created by researchers from ModSecurity and Fastly to help provide rigorous tests for WAF rules. It uses the OWASP Core Ruleset V3 as a baseline...
What is Naxsi? NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third party nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset of simple (and readable) rules containing...
raptor waf Raptor is a Web application firewall made in C, uses DFA to block SQL injection, Cross-site scripting, and path traversal. Why is this tool made in C language? C has a high...
On this post, i want to introduce the tips to bypass XSS filter. Cross Site Scripting (XSS) is a Web application attack in the data output to the page when there is a problem,...
