bypass
Bypass Vulnerability in WordPress Plugins Authentication
Authentication bypass vulnerability is a security defect that enables a threat actor to circumvent or bypass the authentication process of an application or system. On May 29, 2023, a team of cybersecurity ...
Techniques employed by Threat Actors to evade the WAF
Introduction WAF (Web Application Firewalls) is an essential component of any secure network infrastructure. They are designed to protect a network from external threats such as unauthorized access, malware, and other malicious ...
TLS Redirection and Dynamic Decryption Bypass in PolarProxy
PolarProxy is constantly being updated with new features, enhanced performance and bug fixes, but these updates are not always communicated other than as a short mention in the ChangeLog. I would therefore ...
PolarProxy 0.8.16 Released
We are happy to announce a new release of the TLS decryption tool PolarProxy. The new version has been updated to support features like client certificates and a PCAP-over-IP connector. Client Certificates ...
PolarProxy 0.8.16 Released
We are happy to announce a new release of the TLS decryption tool PolarProxy. The new version has been updated to support features like client certificates and a PCAP-over-IP connector. Client Certificates ...
Bypass of Disabled System Functions
Imagine that you discover an Unrestricted File Upload vulnerability and upload a web shell to the server. Or, you have a payload that allows you to execute commands on the system through ...
Type Juggling Authentication Bypass Vulnerability in CMS Made Simple
Have you ever experienced that sinking feeling when you discover that you've run out of one crucial ingredient for a special meal? It might be a single ingredient, but it ruins the ...
Firewall Evasion Techniques and Countermeasures
Life finds a way. This is one of my favorite quotes from one of my favorite movies and books, Jurassic Park. Internet traffic, like life, will break free and expand to new ...
Firewall Evasion with UDP (PingTunnel)
This is a follow up post to using PingTunnel to bypass security controls by tunneling traffic over ping. For this example we will use the same tool but do it over UDP ...
Firewall Evasion with ICMP (PingTunnel)
Most networks today use a network based access control system to permit certain traffic and deny others. Since the inception of firewalls and web filters users (and malware) working behind them have ...