This talk illuminates Web Application Firewalls (WAFs), with particular focus on the negative detection model. It will present methods how they can be fingerprinted and circumvented in order to demonstrate the wrong feeling of security they might create. Furthermore the tool tsakwaf (The Swiss Army Knife for Web Application Firewalls) will be covered, a little script written in perl that includes various code generation functions for circumventing WAFs and a fingerprinting routine to identify supported WAFs.
Of course there will be some nice demos to prove the point and the speakers will also share their experience from daily web application pentest tasks. Finally, as a special gift, an enhanced version of TSAKWAF will be released at Troopers.
Frank Block is a security consultant working for ERNW GmbH with more than 7 years of experience. His main expertise lies with infrastructe/web application pentesting and the analysis of incidents. When not involved in customer projects, he researches in the memory forensics field.
Michael Thumann is Chief Security Officer and head of the ERNW application security team. He has published security advisories regarding topics like ‘Cracking IKE Preshared Keys’ and Buffer Overflows in Web Servers/VPN Software/VoIP Software. Michael enjoys sharing his self-written security tools (e.g. ‘tomas – a Cisco Password Cracker’, ‘ikeprobe – IKE PSK Vulnerability Scanner’ or ‘dnsdigger – a dns information gathering tool’) and his experience with the community. Besides numerous articles and papers he wrote the first (and only) German Pen-Test Book that has become a recommended reading at german universities.
In addition to his daily pentesting tasks he is a regular conference-speaker (e.g. Blackhat, HITB and RSA Conference) and has also contributed exploit code to the Metasploit Framework. With more than 10 years of experience in computer security Michaels’ main interest is to uncover vulnerabilities and security design flaws from the network to the application level and reverse almost everything to understand the inner working.