The Star Wars Sequel

During BSides Cape Town this year, I was fortunate enough to be a speaker and had the opportunity to present the outcomes of my initial research, which focused on web application firewalls and the modern state of WAFs.

In the talk we took a look at a high-level history of the evolution of WAFs as well as the growth of the techniques they use to detect and repel malicious behavior.

We also ran through a couple of cool bypasses and compared the outcomes of different bypasses against three different WAFs, namely:

  • CloudFlare WAF
  • Azure Gateway WAF
  • ModSecurity

In the talk we also addressed common business concerns and “user errors” that we usually see during real-life engagements.

I have since written a blog post on the MWRCyberSec website that goes into more detail on the content of the talk. A YouTube video of the talk has also been released: TBC