#Development #Challenges
Webspace invaders · Let’s level up our anti-AI scraping game! https://ilo.im/16ahl8
_____
#AI #Crawlers #RobotsTxt #RateLimiting #WAFs #Cloudflare #IndieWeb #WebDev #Frontend #Backend
Defeat all #WAFs with this one simple trick!
Cloudflare/AWS/GCP/Azure hate him...
Append to all response bodies:
<script>zzzzzz=alert</script>
Change all XSS detection payloads from alert() to zzzzzz()
Laugh.
*Note: may require additional inclusion of nonce, but don't worry, everyone uses a CDN these days and their vetting process is terrible, except in cases where they have no vetting and they just straight hot load from GitHub...
Currently at #OWASP Global AppSec Dublin and having a great time! Come say hi if any fellow Mastodonians are also here 🥳 Let's talk #WAFs, #ModSecurity, OWASP Core Rule Set, and load balancing 😄