diff --git a/README.md b/README.md
index 87aea6f..79787d7 100644
--- a/README.md
+++ b/README.md
@@ -1036,6 +1036,21 @@ Wanna fingerprint WAFs? Lets see how.
+
+ |
+ Nemesida Firewall
+ |
+
+
+ - Detectability: Difficult
+ - Detection Methodology:
+
+ - Blocked response page conatins
Suspicious activity detected. Access to the site is blocked..
+ - Contains reference to email
nwaf@{site.tld}
+
+
+ |
+
Netcontinuum (Barracuda)
@@ -1392,7 +1407,7 @@ Wanna fingerprint WAFs? Lets see how.
Response page contains either of the following text snippet:
- Image displaying
beyondtrust logo.
- SecureIIS Web Server Protection.Download SecureIIS Personal Edition- Reference to
http://www.eeye.com/SecureIIS/ URL.
SecureIIS Error text snippet.
@@ -1615,8 +1630,10 @@ Wanna fingerprint WAFs? Lets see how.
Response headers may contain Sucuri or Cloudproxy keywords.
Blocked response page contains the following text snippet:
- Access Denied and Sucuri Website Firewall texts.- Email
cloudproxy@sucuri.net.
+ Access Denied - Sucuri Website Firewall text.- Reference to
https://sucuri.net/privacy-policy URL.
+ - Sometimes the email
cloudproxy@sucuri.net.
+ - Contains copyright notice
;copy {year} Sucuri Inc.
Response headers contains X-Sucuri-ID header along with normal requests.
@@ -2289,6 +2306,7 @@ Content-Length: 115
```
The following table shows the support of different character encodings on the tested systems (when messages could be obfuscated using them):
+> __TIP:__ You can use [this small python script](others/obfu.py) to convert your payloads and parameters to your desired encodings.
|