BIO

Khalil Bijjou is a passionate penetration tester and security consultant with a big curiosity for technical topics, especially in the field of IT security. He performs security assessments for major companies especially in the field of web, mobile and SAP security. Placed 2nd in the German Post IT Security Cup 2015 and carries the Mint award 2016 in the field of Cybersecurity. Author of the “Web Application Firewall Bypassing – an approach for penetration testers” paper which was presented at three international conferences. Publisher of the open-source tool WAFNinja which is used by security experts world-wide.

— TOPIC —

Web Application Firewall Bypassing

This talk will teach you how to attack an application secured by a WAF. The moderator will describe WAF bypassing techniques and offer a systematic and practical approach on how to bypass web application firewalls based on these techniques. WAFNinja, a tool that helps to find multiple vulnerabilities in WAFs, will be introduced.

Session Keywords