ja3honeypottools May 30, 2022 0 JA3 on guard against bots A while ago I was researching JA3 hashes and how it may help with bot...
honeypottools Nov 1, 2018 0 Sandbox for HoneyPot I monitor bots activity for a while and often see such behavior: * [SUCCESS] Robot comes...
waftools Oct 15, 2018 0 ModSecurity rules verification ModSecurity [https://www.modsecurity.org/] is open-source WAF. It protects web applications with libinjection and...
toolsreviewhoneypot May 28, 2018 0 How to turn any website into Wordpress/Drupal honeypot When new exploit to popular CMS's vulnerability appears, same day someone will send it all...
libinjectionsqliwaf Oct 9, 2017 0 Part 2. libinjection: different databases fuzzing It is sequel of previous article [https://waf.ninja/libinjection-fuzz-to-bypass/], where I was fuzzing MariaDB...
libinjectionsqlibypasswaf Sep 24, 2017 0 libinjection: fuzz to bypass libinjection is a library that parses parameter value to SQL elements (tokens) and check if...
rcedemoattack Sep 22, 2017 0 Showcase: Struts2 vulnerability evolution Apache Struts 2 [https://en.wikipedia.org/wiki/Apache_Struts_2] is used as framework...
xssattackdemo Sep 18, 2017 0 Showcase: DOM-based XSS Cross-Site Scripting (XSS) vulnerabilities are divided into three types: * Reflected: when payload is injected from...
wafreviewtools Sep 17, 2017 0 Review: wtt OWASP CRS 3.0 bypass A while ago I had to make comparison of different Web Application Firewalls based on...