Closed irsdl closed 8 months ago
Adding PathSuffix-Bypass-4ProxyOrWAF.
Accessing paths blocked by proxies or WAFs by adding special suffixes.
Things like %A0 for Nginx (https://book.hacktricks.xyz/pentesting-web/proxy-waf-protections-bypass) will not work with HTTP/2 -> I was not sure if this can be enforced by BChecks but it would be great to have this option.
%A0
Adding PathSuffix-Bypass-4ProxyOrWAF.
Accessing paths blocked by proxies or WAFs by adding special suffixes.
Things like
%A0for Nginx (https://book.hacktricks.xyz/pentesting-web/proxy-waf-protections-bypass) will not work with HTTP/2 -> I was not sure if this can be enforced by BChecks but it would be great to have this option.