Ah-ha, we like this much. sqlmap, an incredibly popular tool that automates the process of detecting and exploiting SQL injection flaws, is now able to identify applications and APIs protected by Wallarm.
When a WAF is detected, sqlmap even proposes activating tamper scripts to try to bypass security checks. But as Wallarm doesn’t use regular expressions for attack detection and relies instead on statistical profiles, it won’t help, sorry 🙂
Thanks @stamparm. Appreciate this much!