Bypassing WAFs

Web application firewalls (WAFs) try to protect web applications from attacks through a number of methods. They can be deployed in a "canned" state where the system uses defaults to detect and mitigate potential attacks. Many of the systems that I've tested in my career doing web application penetration testing were deployed in this manner.... Continue Reading →

My first post and shameless self-promotion.

First posts are hard. There is so much riding on them. I'm just going to set an easy tone for this blog and make it short and sweet.I'm mentoring my first SANS SEC542 (http://www.sans.org/course/web-app-penetration-testing-ethical-hacking) course in August. I'm really looking forward to it!Details are below:Location: Rockville, MDSchedule: 2 hours each Tuesday and Thursday for 5 weeks Link: http://www.sans.org/mentor/class/sec542-rockville-20aug2013-micah-hoffman

WordPress.com.

Up ↑

%d bloggers like this: