[Owasp-ireland] Flawd: A WAF evasion challenge
eoin.keary at owasp.org
Mon Jul 18 11:51:56 EDT 2011
On 18 Jul 2011, at 16:03, Sean O Briain <cairdenetwork at gmail.com> wrote:
> Hi guys,
> I asked Fabio for permission prior to posting this on the mailing list.
> I'm currently coding a WAF evasion test-bed, to allow people to practice common waf evasion techniques when attempting to implement SQL Injection. It's currently still in beta, so there is yet no install script as such - but I have included a readme file which should take you through the install procedure effortlessly. It's still a work in progress, so keep that in mind.
> You can download the script from here: http://seanobriain.com/code/flawd.zip (PHP/MySQL required)
> There are 4 different levels, varying in difficultly from easy to difficult. The first level is designed for beginners to simply become familiar with SQL Injection. The later levels implement common filtering techniques at varying difficulties.
> Any feedback is welcome.
> Seán "peann" Ó Briain
> This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
> Owasp-ireland mailing list
> Owasp-ireland at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-ireland