Skip to content

Conclusion

This is the end of the workshop! Congratulations if you manage to reproduce most of the exercises.

General Principles

Remember that this presentation was not a exhaustive list of patterns but, an attempt to do a overview at the most common bypass patterns.

We saw that transformations (decoding, nested encoding and replacement) done server-side could allow numerous variation on the same request. Finding such transformation can oriented the technique to used. Parsers implementation differences between the web application and the firewall are a common trait of bypass.

Suggested Presentations