A Pentesters Guide - Part 5 (Unmasking WAFs and Finding the Source)
In this article I am going to detail a non-exhaustive overview of bypassing WAFs by
NaviSec is a veteran and minority owned cyber security company with a focus on high quality, right-sized solutions and client relationships. Our team works 24/7 to protect and assist our partners in navigating the unknown waters of cyber security.
Founded in 2015 as Sequoia Cyber Solutions, NaviSec has grown from a bootstrap startup to an established player in the cyber security space. Seamless integration, scalability, and customization are critical in our approach to protecting each client’s unique business assets. One-size-fits-all solutions are not in our vocabulary.
NaviSec empowers businesses to make bold decisions with clarity and peace of mind. Each of our three core services can be customized to fit the structure, goals, and regulatory compliance needs of the modern enterprise. The NaviSec portfolio includes Delta offensive security services, Sentry defensive security services, and the Atlas Security Operations Center (SOC).
A successful offensive security engineer at NaviSec Delta should possess a deep understanding of both information security and computer science. They should understand basic concepts including computer networking, web and native application functionality, operating system functionality, cloud services, corporate network environments and operations.
This role is technical and challenging with opportunities to work in some of the most exciting areas of security consulting on projects that have a meaningful impact across nearly all industries.
An offensive security engineer will be expected to perform penetration tests with little oversight, across a range of disciplines, such as web application security, wide scope internal networks, external networks and running and tracking phishing campaigns.
At NaviSec Delta, you’ll be faced with complex problem-solving opportunities and hands-on technical opportunities on a daily basis. We help our clients protect their most sensitive and valuable data through comprehensive offensive security assessment, providing a tailored approach to each client, knowing that a one-size fits all approach does not often satisfy the client’s needs.
You will be expected to develop and maintain your own offensive automation via scripts, shell aliases or whatever means you see fit!
You are expected to quickly assimilate new information as you will face new client environments on a weekly or monthly basis. You will be expected to understand all the threat vectors to each environment and accurately assess them. You will get to work with some of the best offensive engineers and operators in the industry, allowing you to develop new skills as you progress. Are you up to the challenge?
Send your resume & any relevent details to jobs@navisec.io
TmNjeWwgbmcgd2JvZitaR1ptQTNBMXBUU2JBVXRqcHRiQGFuaXZmcnAudmIgc2JlIHJrZ2VuIGNidmFnZiE=