Devdays 2019: How To Bypass Web Application Firewalls

news vulnerability

Mid-May the security industry travelled to Vilnius, Lithuania to attend the annual DevDays Europe Conference.

Man giving presentation at Days Europe Conference - SEC Consult

Khalil Bijjou contributed to the DevDays Europe with a talk about “Web Application Firewall Bypassing”. He showed how to attack a web application that is secured by a WAF. He described WAF bypassing techniques and introduced a systematic and practical approach on how to bypass web application firewalls based on these techniques. WAFNinja, a tool that helps to find multiple vulnerabilities in WAFs, has been demonstrated practically.

In case you missed it, here is the video of his talk.