mod_security | w3af - Open Source Web Application Security Scanner

Description

This evasion plugin performs a bypass for mod_security version 2.1.0 or less here:

http://www.php-security.org/MOPB/BONUS-12-2007.html

Important: The evasion only works for postdata. Example: Post-data Input: ‘a=b’ Post-data Output : ‘\x00a=b’

Plugin type

Evasion

Options

This plugin doesn’t have any user configured options.

Source

For more information about this plugin and the associated tests, there’s always the source code to understand exactly what’s under the hood:
Plugin source code
Unittest source code

Dependencies

This plugin has no dependencies.