Bypassing web application firewalls using HTTP headers

Web application firewalls (WAF’s) are part of the defense in depth model for web applications. While not a substitute for secure code, they offer great options for filtering malicious input. Below is a story from a real assessment where an enterprise deployment of such a device was vulnerable to being bypassed. The vulnerability is one […]

The post Bypassing web application firewalls using HTTP headers appeared first on Security Aegis.

The post Bypassing web application firewalls using HTTP headers …

application bypassing firewalls headers http web web application