Modern WAF Bypass Techniques for Autonomous Attacks

Scripting and automation are absolutely critical to many aspects of an attacker’s effectiveness, penetration tester or otherwise. Modern WAFs and “bot detections” often add a small layer of intelligence to their monitoring, attempting to determine whether or not an attack is being automated, and shut the bot/botnet down. This class will cover how common forms of WAF & bot detections work and how you can modify your scripting to fly under the radar.

Requirements:

Laptop & permission / ability to install software (i.e. Python, Webstorm or other IDE(if desired)) and create new network interfaces (VPN, etc).

Enough familiarity with Python and Javascript to write basic scripts on your own