Πηγαίνετε εκτός σύνδεσης με την εφαρμογή Player FM !
Noam Moshe on a Generic WAF Bypass Technique
Manage episode 350212154 series 3308427
Claroty Team82 researcher Noam Moshe joins the podcast to discuss his recent research and development of a generic bypass of leading vendors' web application firewalls.
This research was presented at Black Hat Europe and on the Team82 blog. The technique involves prepending JSON syntax to a SQL injection payload. Prior to this research, WAFs were blind to JSON syntax and would not flag these payloads as malicious.
All of the leading vendors have since added JSON support to their SQL injection processes.
75 επεισόδια
Manage episode 350212154 series 3308427
Claroty Team82 researcher Noam Moshe joins the podcast to discuss his recent research and development of a generic bypass of leading vendors' web application firewalls.
This research was presented at Black Hat Europe and on the Team82 blog. The technique involves prepending JSON syntax to a SQL injection payload. Prior to this research, WAFs were blind to JSON syntax and would not flag these payloads as malicious.
All of the leading vendors have since added JSON support to their SQL injection processes.
75 επεισόδια
Όλα τα επεισόδια
×Καλώς ήλθατε στο Player FM!
Το FM Player σαρώνει τον ιστό για podcasts υψηλής ποιότητας για να απολαύσετε αυτή τη στιγμή. Είναι η καλύτερη εφαρμογή podcast και λειτουργεί σε Android, iPhone και στον ιστό. Εγγραφή για συγχρονισμό συνδρομών σε όλες τις συσκευές.