Wednesday, November 24, 2010


warf warf! sounds like a barking sound.

will hear that sound when some anonymous skidds found a vuln website and try to inject it but failed.
"warf! this page non-injectable...dont waste your time!"

and hey..warf also sounds like when we say wadefff!!!
(not wadefak my friend. but the 'wtf' word)'s the topic.
just learned a little bit about WAF = Web Application Filter.
nowdays u can get a lot of vuln sites. when u put a singe quote (') as example,there'll be a mysql error or etc.
but when try to inject (based on the tutorials given after some googling) and failed, does this mean that site is non-injectable?

NO. this is because of WAF

so hey noobs out there(including me) lets learn about WAF!

WAF from owasp