Many web application firewalls (WAFs) can be bypassed by simply sending large amounts of extra data in the request body along with your payload. Most WAFs will only process requests up to a certain size limit. How the WAF is configured to handle these large requests determines exploitability, but some common WAFs will allow it by default.

The post Bypassing WAFs Using Oversized Requests appeared first on Black Hills Information Security, Inc..

By Erik Goldoff, Ray Van Hoose, and Max Boehner || Guest Authors This post is comprised of 3 articles that were originally published in the second edition of the InfoSec […]

The post Blue Team, Red Team, and Purple Team: An Overview appeared first on Black Hills Information Security, Inc..

by Gerald Auger of Simply Cyber // Guest Author You want to break into cybersecurity? That’s AWESOME. I’ve been in the field for 20 years and I LOVE IT! But […]

The post How to Get a Job in Cybersecurity appeared first on Black Hills Information Security, Inc..

by Amanda Berlin of Mental Health Hackers This article was originally published in the second edition of the InfoSec Survival Guide. Find it free online HERE or order your $1 […]

The post Mental Health – An Infosec Challenge appeared first on Black Hills Information Security, Inc..

by Martin Pearson || Guest Author This article was originally published in the second edition of the InfoSec Survival Guide. Find it free online HERE or order your $1 physical […]

The post Build a Home Lab: Equipment, Tools, and Tips appeared first on Black Hills Information Security, Inc..

| Niccolo Arboleda | Guest Author Niccolo Arboleda is a cybersecurity enthusiast and student at the University of Toronto. He is usually found in his home lab studying different cybersecurity […]

The post At Home Detection Engineering Lab for Beginners appeared first on Black Hills Information Security, Inc..

| Nigel Douglas As a Developer Advocate working on Project Falco, Nigel Douglas plays a key role in driving education for the Open-Source Detection and Response (D&R) segment of cloud-native […]

The post Better Together: Real Time Threat Detection for Kubernetes with Atomic Red Tests & Falco appeared first on Black Hills Information Security, Inc..