It's pretty normal in many Organizations to use get servers to connect to Internet via a Proxy. In most cases it's for updating apt-get or yum via proxy. However, quite often you might need to download packages directly using wget or curl and setting up apt-get or apt via proxy, wget via proxy, curl via proxy is a pain. What if you could simply setup a Proxy and just use any applications to use that using a simply command? I faced this many times and hence writing this guide. Note that if you're only allowing apt-get via proxy then stick with configuring /etc/apt.conf or /etc/apt/conf.d/00proxy or something similar but if you need to allow different applications via a proxy then this method is best and simplest.
Read More »Avoiding Web Application Firewall using Python
Web application firewalls are usually placed in front of the web server to filter the malicious traffic coming towards server. If you arehired as a penetration tester for some company and they forgot to tell you that they are using web application firewall than you might get into a serious …
Read More »Bypass Web Application Firewall using WAFNinja
WAFNinja is a CLI python tool that helps penetration testers to bypass Web Application Firewall by automating steps necessary for bypassing input validation. WAFNinja supports HTTP connections, GET and POST requests and the use of Cookies in order to access pages restricted to authenticated users. It also supports intercepting proxy, …
Read More »