Tyler Rosonke

Home/Tyler Rosonke

About Tyler Rosonke

Tyler is a security professional based in Omaha, Nebraska. His main area of focus is in penetration testing. He loves learning and scripting his way out of a tight spot, which makes this area of security right up his alley.

Bypassing WAFs with JSON Unicode Escape Sequences

Bypassing WAFs with JSON Unicode Escape Sequences This blog post will discuss how I was able find a blind SQL injection, analyze a WAF, find a JSON unicode escape bypass, and then automate the bypass by writing a sqlmap tamper script. SQLi Identification WAF Analysis Bypass Identification Tamper Script SQLi Identification The particular payload that [...]

By |2019-02-05T12:17:45+00:00December 20th, 2018|Categories: InfoSec, Vulnerabilities|0 Comments

Referer Redirection and Its Inconspicuous Danger

Referer Redirection and Its Inconspicuous Danger Recently I noticed some peculiar behavior on web application. I observed that in certain situations, the webpage would openly redirect to the ‘Referer’ header defined in the request. In this particular instance, the web application required some data from the user to perform that page’s function. When that data was not present, [...]

By |2019-02-05T12:17:45+00:00August 23rd, 2016|Categories: InfoSec, Vulnerabilities|0 Comments