An introduction to the LightBulb Framework
This blog post serves as a followup to my summer B-Sides Athens 2017 talk entitled “Lightbulb framework – shedding light on the dark side of WAFs and Filters”.
Security B-Sides 2017 Athens
CENSUS participated in the "Security B-Sides 2017 Athens" conference with a presentation by Ioannis Stais on the automated discovery of expressions that bypass Web Application Firewalls and Filters, using learning automata. The presentation was entitled "LightBulb Framework: Shedding Light on the Dark Side of WAFs and Filters" and followed Stais' and Argyros' previous research on the subject (see BlackHat Europe in 2016 presentation). The Security B-Sides presentation introduced an Extension for the Burp Suite web proxy application that allows for easier integration of the expression discovery technique to the standard toolbox of web application penetration testers.
Black Hat Europe 2016
CENSUS will be participating at the Black Hat Europe 2016 conference, in London with a presentation by George Argyros and Ioannis Stais on the theme of automated evasion of Web Application Firewalls (WAFs). The presentation's title is Another Brick Off the Wall: Deconstructing Web Application Firewalls using Automata Learning and will take place on Thursday November 3rd 2016 at 14:30 in the Auditorium room of the Business Design Center venue.