Papers | Somdev Sangwan

papers

Bypassing XSS Detection Mechanisms

Most WAFs and XSS filters rely on regex to catch malicious input. Instead of blindly firing payloads until something sticks, this paper proposes a methodology to reverse-engineer those regex rules by probing. Once you know the rules (e.g., "it blocks <script but allows <object"), you can craft a payload that specifically fits the gaps. It covers bypassing filters in HTML contexts, event handlers, and JavaScript execution sinks.

[Read PDF]

A Phonetic Approach to Calculate Linguistic Information

Mathematical entropy (Shannon entropy) is often used to detect random gibberish, but it sucks at successfully identifying things like frontendElementAsyncInit (low entropy, but meaningful) vs 9033e0e305f2 (limited char set, but random).

This paper introduces an approach based on pronounceability. By analyzing bigrams (pairs of characters), we can determine if a string "sounds" like a word in a given language. If it's pronounceable, it's likely not random junk. This is much faster than dictionary lookups and more accurate than standard entropy checks for detecting machine-generated strings.
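The bigram idea described above, as an added illustration that is not code from the paper: a string is scored by the fraction of its character pairs that occur in a training vocabulary. The word list, the function names, the fraction-based score and the 0.6 threshold are assumptions made for this example; the paper's own scoring is not reproduced on this page.

```python
from collections import Counter

# Constructed sample vocabulary (assumption); a real deployment would train on
# a large corpus of the target language.
SAMPLE_WORDS = """
from front content tender end under delete element message table ask system
sync since city into unit item window function return string value random
number letter language english word sound pronounce
""".split()


def bigrams(text):
    """Return the adjacent character pairs of the lowercased text."""
    text = text.lower()
    return [text[i:i + 2] for i in range(len(text) - 1)]


def train(words):
    """Count how often each bigram occurs inside the training words."""
    counts = Counter()
    for word in words:
        counts.update(bigrams(word))
    return counts


def pronounceability(text, model, min_count=1):
    """Fraction of the string's bigrams seen at least min_count times in training."""
    pairs = bigrams(text)
    if not pairs:  # strings shorter than two characters carry no signal
        return 0.0
    known = sum(1 for pair in pairs if model[pair] >= min_count)
    return known / len(pairs)


def looks_random(text, model, threshold=0.6):
    """Flag strings whose bigrams are mostly foreign to the training language."""
    return pronounceability(text, model) < threshold


MODEL = train(SAMPLE_WORDS)

if __name__ == "__main__":
    # The first two samples are the strings quoted on this page; the third is constructed.
    for sample in ("frontendElementAsyncInit", "9033e0e305f2", "xkqzvwjq"):
        print(sample, round(pronounceability(sample, MODEL), 2), looks_random(sample, MODEL))
```

Scoring is one counter lookup per character pair, so it stays cheap on long inputs; raising `min_count` on a larger corpus stops rare pairs from counting as pronounceable.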

[Read PDF]