In the past few years I have done several web application firewall assessments and have been very successful in bypassing them. So, thought to share some of the things that I learnt. Let me just clarify what this post is NOT about: This post is not about, how to detect…
TCP based covert channel (ChorTCP)
While researching on data exfiltration techniques and covert channels, I thought of making one of my own, dubbed ChorTCP. Though protocol over protocol tunneling is a well known concept but I really wanted to actually try to hypothesize one aspect and then implement it, just for fun. The abstract below…
Bypass Online Filter Restriction
Hello again ! Disclaimer: All the material shown on this blog is for educational purposes ! We would not be held responsible for any illegal use of the material by any one ! Usually what happens is that people want to visit a website , which is legit , but…
Food for thought !!
Hey every body !! Its been along time i posted on my blog ! I recently had an interview with some security managers of a Multi National Company ! We discussed about alot of Network Security Issues ! Although my mind was kinda rusted because i have lately been working…
Web Application firewall bypass !
Web Application security is very important nowadays ! especially due to ecommerce. Hence Web Application firewalls came into being ! which automatically filter out the malicious query string. And many high end technology giants have them installed ! But what IF ???!!! Some one bypasses the WAF (Web Application Firewalls)…
How tunneling softwares compromise internal security
First off let me explain what tunneling really is ? Well to make it simple i wont go into technical details but would say that for example you take a LAYS chips packet and put some thing in side it , that you are usually not allowed to send and…