Fixed stuff

0xInfection 2019-02-06 19:12:14 +05:30
parent 8b033f8713
commit 0db57bf9bd

@ -1229,13 +1229,14 @@ Running a set of payloads against the URL/endpoint. Some nice fuzzing wordlists:
- Can be done with automated tools like BurpSuite Intruder. - Can be done with automated tools like BurpSuite Intruder.
__Technique:__ __Technique:__
- Load up your wordlist into Burp Intruder/custom fuzzer and start the bruteforce. - Load up your wordlist into Burp Intruder/custom fuzzer and start the bruteforce.
- Record/log all responses from the different payloads fuzzed. - Record/log all responses from the different payloads fuzzed.
- Use random user-agents, ranging from Chrome Desktop to iPhone browser. - Use random user-agents, ranging from Chrome Desktop to iPhone browser.
- If blocking noticed, increase fuzz latency (eg. 2-4 secs) - If blocking noticed, increase fuzz latency (eg. 2-4 secs)
- Always use proxies, since chances are real that your IP gets blocked. - Always use proxies, since chances are real that your IP gets blocked.
- __Drawback:__ __Drawback:__
- This method often fails. - This method often fails.
- Many a times your IP will be blocked (temporarily/permanently). - Many a times your IP will be blocked (temporarily/permanently).