Practical Notes | Learning Various WAF Bypass Techniques
Author: Internet
0X00 Fuzz / Brute Force
Fuzz dictionaries
1. SecLists/Fuzzing
https://github.com/danielmiessler/SecLists/tree/master/Fuzzing
2. Fuzz-DB/Attack
https://github.com/fuzzdb-project/fuzzdb/tree/master/attack
3. Other Payloads (your IP may get banned, so be careful).
https://github.com/foospidy/payloads
0X01 Regex Bypass
Many WAFs use regular-expression matching.
Blacklist detection / bypass
Case: SQL injection
• Step 1:
Source: https://blog.csdn.net/zhangge3663/article/details/116394692