Here is the story of how we bypassed ModSecurity and were able to conduct successful XSS, SQLi, Command injections, Unrestricted file upload, and pop shells… A few weeks ago, we decided to test ModSecurity against two vulnerable applications OWASP Juice Shop and Damn Vulnerable Web Application. This research was conducted…