Web Application Firewall (WAF) Evasion Techniques #3

This article explores how to use an uninitialized Bash variable to bypass WAF regular expression based filters and pattern matching. Let’s see how it can be done on CloudFlare WAF and ModSecurity OWASP CRS3.

Read the full article here: