“If you are hired as a penetration tester for some company and they forgot to tell you that they are using web application firewall than you might get into a serious mess.”
Interesting article published by Usman Nasir on KaliTutorials: using a python script, we can forge a malicious XSS request that will be identified by a “signature based” WAF (like ModSecurity) as legitimate.
Web application firewalls are usually placed in front of the web server to filter the malicious traffic coming towards server. If you are hired as a penetration tester for some company and they forgot to tell you that they are using web application firewall than you might get into a serious mess.
What is a Web Application Firewall?
OWASP website says:
A web application firewall (WAF) is an application firewall for HTTP applications. It applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection.
While proxies generally protect clients, WAFs protect servers. A WAF is deployed to protect a specific web application or set of web applications. A WAF can be considered a reverse proxy.
WAFs may come in the form of an appliance, server plugin, or filter, and may be customized to an application. The effort to perform this customization can be significant and needs to be maintained as the application is modified.
Read the whole article with technical details on KaliTutorials.net: