What is WAF Evasion?
A Web Application Firewall (WAF) is a security device designed to protect web applications from various attacks. WAF evasion is the art of crafting requests that bypass the WAF's filters and still reach the application.
Common Techniques
- Case variation (e.g., `sElEcT` instead of `select`)
- Using comments (`/* ... */`)
- Encoding (URL, Base64, etc.)
- Using null bytes (`%00`)
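
From the defender's side, each technique above is countered by canonicalizing the request value before any signature is matched. The following is an added example, not code from the original page, comparing a raw match with a normalized one; the signature, function names, and sample values are constructed for illustration.

```python
import base64
import re
from urllib.parse import unquote, unquote_plus

# Constructed signature for illustration; production rule sets are broader.
SIGNATURE = re.compile(r"\bselect\s+\S+\s+from\b")
COMMENT = re.compile(r"/\*.*?\*/", re.DOTALL)

def naive_match(value: str) -> bool:
    return bool(SIGNATURE.search(value))     # raw value, no normalization

def normalize(value: str) -> str:
    """Canonicalize a parameter value before signature matching."""
    for _ in range(5):                       # assumption: at most 5 encoding layers
        decoded = unquote_plus(value)        # URL-decode, '+' treated as space
        if decoded == value:
            break
        value = decoded
    value = value.replace("\x00", "")        # drop null bytes
    value = COMMENT.sub(" ", value)          # a SQL comment acts as whitespace
    value = re.sub(r"\s+", " ", value)       # collapse whitespace runs
    return value.lower()                     # fold case

def views(value: str) -> list[str]:
    """Normalized value, plus its Base64-decoded form when it has one."""
    out = [normalize(value)]
    try:
        text = base64.b64decode(unquote(value).strip(), validate=True).decode("utf-8")
        out.append(normalize(text))
    except ValueError:                       # not Base64, or not UTF-8 text
        pass
    return out

def flagged(value: str) -> bool:
    return any(SIGNATURE.search(v) for v in views(value))

# Constructed sample values covering the techniques listed above.
SAMPLES = {
    "case": "sElEcT name FrOm users",
    "comment": "select/**/name/**/from users",
    "double_url": "select%2520name%2520from%2520users",
    "null": "sel%00ect name from users",
    "base64": base64.b64encode(b"select name from users").decode(),
    "benign": "please select a name from the list",
}

if __name__ == "__main__":
    for name, value in SAMPLES.items():
        print(f"{name:10} naive={naive_match(value)!s:5} normalized={flagged(value)}")
```

ModSecurity exposes comparable steps as rule transformations (`t:urlDecodeUni`, `t:removeNulls`, `t:replaceComments`, `t:lowercase`).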