Browsing tag: Bypass

Security products have security issues of their own, and those issues can affect the very products they were designed to protect. It is not a recursive loop, just reality, and WAFs are no exception. Recall the Cloudflare self-DoS last year (https://blog.cloudflare.com/details-of-the-cloudflare-outage-on-july-2-2019/), caused by a RegExp signature they deployed. Or Imperva's data breach, which disclosed API keys of their clients: https://krebsonsecurity.com/2019/08/cybersecurity-firm-imperva-discloses-breach/ The latest ModSecurity issue (https://www.secjuice.com/modsecurity-vulnerability-cve-2019-19886/) is another example of how it's…

GraphQL is an alternative to the REST concept that allows working with data in a more structured and object-oriented way. The technology is widely used by enterprises such as Facebook, Walmart, and Intuit, among others. Whether you know it or not, GraphQL has a significant impact on your business: many products you rely on, such as GitLab, New Relic, and WordPress, use GraphQL under the covers. In this series of articles,…

An engineering point of view on everyday vulnerability. The everyday things you rely on may leave you open to attack, and the problem may lie not in the things themselves but in what is hiding inside them. Are your IoT devices, printers, and other friendly, functional helpers vectors for data breaches? To understand why their security is so often inadequate, we have to look at the tiny software component embedded in millions of machines. This is the story of Appweb: a web…

Ah-ha, we like this a lot. sqlmap, the hugely popular tool that automates detecting and exploiting SQL injection flaws, can now identify applications and APIs protected by Wallarm. When a WAF is detected, sqlmap even offers to activate tamper scripts and try to bypass the security checks. But since Wallarm doesn't use regular expressions for attack detection and relies instead on statistical profiles, that won't help, sorry 🙂 Thanks @stamparm. Appreciate this…
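To make the point about tamper scripts concrete, here is an added illustration (written for this page, not sqlmap's or Wallarm's code) of what a tamper script does to a regex signature. The signature is a constructed rule of the kind a classic regex-based WAF might carry, space2comment is a simplified stand-in for the idea behind sqlmap's tamper of the same name (spaces become inline comments), and the normalizing check shows why a detector that does not match on the raw string is unaffected. It does not model Wallarm's statistical profiling.

```python
import re

# Constructed regex signature for this illustration; not any vendor's real rule.
# It expects literal whitespace between the keywords, which is the weak spot.
NAIVE_SIGNATURE = re.compile(r"\bunion\s+(all\s+)?select\b", re.IGNORECASE)


def space2comment(payload: str) -> str:
    """Simplified stand-in for sqlmap's space2comment tamper idea:
    every space becomes a /**/ comment, which MySQL still parses as whitespace.
    (sqlmap's real tamper also tracks quoting; this version does not.)"""
    return payload.replace(" ", "/**/")


def naive_regex_blocks(payload: str) -> bool:
    """A raw-string regex check, as a signature-based WAF rule would do it."""
    return NAIVE_SIGNATURE.search(payload) is not None


def normalize(payload: str) -> str:
    """Strip inline comments and collapse whitespace before inspection,
    i.e. look at what the database will see rather than at the raw bytes."""
    without_comments = re.sub(r"/\*.*?\*/", " ", payload)
    return re.sub(r"\s+", " ", without_comments).strip()


def normalized_blocks(payload: str) -> bool:
    """Same signature, applied to the normalized query instead of the raw one."""
    return NAIVE_SIGNATURE.search(normalize(payload)) is not None


def evaluate(payload: str) -> dict:
    """Run one payload through the tamper and both checks."""
    tampered = space2comment(payload)
    return {
        "tampered": tampered,
        "naive_regex_on_original": naive_regex_blocks(payload),
        "naive_regex_on_tampered": naive_regex_blocks(tampered),
        "normalized_on_tampered": normalized_blocks(tampered),
    }


if __name__ == "__main__":
    # Constructed sample payload, the sort sqlmap sends during UNION detection.
    for key, value in evaluate("1 UNION ALL SELECT 1,2,3").items():
        print(f"{key}: {value}")
```

Running it shows the tampered payload `1/**/UNION/**/ALL/**/SELECT/**/1,2,3` slips past the raw regex (`\s+` never sees a space) but is caught as soon as the comments are folded back into whitespace. That is the whole value of sqlmap's tamper scripts: they buy nothing against a detector that inspects the query the database will actually execute.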