TECHNICAL Web Application Firewall (WAF) Evasion Techniques #3 Uninitialized Bash variable to bypass WAF regular expression based filters and pattern matching. Let's show it can be done on CloudFlare WAF and ModSecurity OWASP CRS3
TECHNICAL Apache Struts2 CVE-2018-11776 POC Learn about the Struts2 Remote Code Execution vulnerability CVE-2018-11776, how to exploit and how to create a Proof of Concept (POC) with docker.
TECHNICAL DNSBL: Not just for spam Security practitioner Menin_TheMiddle is using DNS to stop botnet, spammers and anonymous traffic with Nginx, Lua and DNSBL. Find out how.
CYBERSEC AppArmor: Say Goodbye to Remote Command Execution. How to kill RCE and RFI directly on the php-fpm process. Let's do a test exploiting Drupalgeddon2.
