Understand the Attack Surface
Firewalls are the gatekeepers of network security, but they are not infallible. This interactive report breaks down 18 critical techniques used by security professionals to test rules, evade detection, and bypass restrictions. Explore the methods below to understand the tools and tactics involved.
Technique Categories
We have categorized the 18 techniques into four logical domains. Understanding these categories helps in identifying the intent behind a bypass attempt.
-
Reconnaissance: Mapping the network, identifying open ports, and fingerprinting services (e.g., Port Scanning, Firewalking).
-
Packet Manipulation: Modifying packet headers to trick filters or abuse protocol logic (e.g., Fragmentation, Spoofing).
-
Tunneling: Encapsulating forbidden protocols inside allowed ones like ICMP, DNS, or HTTP.
-
Application/Proxy: Leveraging higher-layer intermediaries or logic flaws (e.g., Proxies, XSS, MITM).
Distribution of the 18 Source Techniques
Technique Library
🔍
👆
Select a technique to begin
Explore definitions, CLI commands, and real-world examples from the sidebar.
Challenge