Whisker’s IDS Evasion Tactics
¨URL Encoding with
unicode equivalent
¨/./ directory
insertion
¨Premature URL
ending
¨Long URL
¨Fake parameter
¨Using Tab in lieu of
space separation
¨Case
sensitivity
¨Windows
delimiter
¨Null method
¨Session
splicing