How often have your exploits been blocked by firewalls or neutered by mysterious processes that alter key characters?

This is why payload obfuscation is such a game-changing skill for offensive security testing: by disguising malicious code as harmless data you can bypass security defences and reach your target.

This guide will walk you through everything from the basics of URL encoding and octal encoding to advanced obfuscation methods such as variable expression assignment and obfuscation in shell environments – giving you the tools to outsmart even the toughest security defences.

These skills are invaluable for Bug Bounty Programs, which often simulate real-world hacking conditions by ensuring hunters must overcome defences like web application firewalls (WAFs), input sanitisation and rate limiting.

Mastering these techniques also gives you insights into the inner workings of modern security systems – strengthening both your hacking skills and ability to recommend effective mitigations in your vulnerability reports.

Payload obfuscation via variable expression assignment

Payload obfuscation via arrays in request parameters

Defences and mitigations for payload obfuscation

Conclusion: A vital skillset for bypassing the first line of defence

Payload obfuscation can make malicious exploits undetectable to an application’s protection mechanisms, but without changing the payload’s functionality when executed. Pentesters, Bug Bounty hunters and security researchers can therefore exploit vulnerable components that might otherwise have remained protected by web application firewalls (WAFs) or input validation filters

By obfuscating malicious scripts using encoding, variable manipulation, or unconventional syntax, attackers can bypass pattern-based filters that rely on static signatures.

Payload obfuscation is a perennial feature of the cat-and-mouse game we see unfolding between cybercriminals and security teams. Advanced persistent threat (APT) groups routinely obfuscation techniques like Base64, XOR, AES, RC4 and custom ciphers to evade detection. The most notorious use of these methods relates to what is widely considered to be the most damaging vulnerability of all time.

Back in 2021, ‘Log4Shell’ (CVE-2021-44228) was discovered in the ubiquitous Java logging package Log4j. The vulnerability spread rapidly and caused alarm due to the vast number of affected systems. Although firewall vendors quickly configured rules that blocked Log4Shell

new obfuscated payloads for Log4shell quickly emerged – illustrating how attackers continually innovate to stay one step ahead of security defences.

Attackers then crafted payloads, like the examples below, that bypassed firewalls and enabled attackers to continue exploiting Log4shell:

Lowercase substitution, string fragmentation, nested resolution

Colon trick (::-), char-by-char assembly, deep nesting

Environment variable substitution, default fallback, dynamic protocol construction

As seen in this examples above, payload obfuscation played a big role for attackers to being able to continue exploit the Log4shell vulnerability.

Payload obfuscation via encoding conceals the function of malicious payloads by transforming them into encoded formats such as Base64, hex or Unicode.

URL encoding is a popular and effective encoding technique for bug hunters because browsers use URL encoding so extensively. However, URL-encoded data are widely understood by applications because many developers decode URL-encoded data on the server side. For instance, this code…

…Might look like this when URL-encoded:

Since applications decode this input multiple times, double URL encoding can be an effective technique to conceal a payload. Double URL encoding can be achieved by encoding the “

When the URL is decoded twice, this payload resolves to:

Unicode, hex and octal encoding can be used in various scenarios, the most common being when a payload is injected directly into a pre-rendered string.

A typical scenario involves mixing server-side code with client-side code. For instance, a code snippet might use server-side PHP in combination with client-side JavaScript to assign a value to a JavaScript variable, such as 

Since you control the pre-rendered string value, you can inject Unicode, hex and octal encodings. For example, if the HTTP GET parameter query contains a hex-encoded value like 

. If this code subsequently inserts the content into the HTML DOM, an attacker can exploit a DOM-based cross-site scripting (XSS) vulnerability using payloads that encode special characters such as:

When any of these payloads are inserted into the JavaScript variable 

and then added to the HTML DOM, they will be rendered as:

This payload will then successfully infect the vulnerable application with client-side JavaScript code (also known as XSS). These examples illustrate how encodings can effectively hide malicious intent within a payload.

The most effective way to craft a robust obfuscated payload is to mix multiple encoding methods. Multi-layered encoding forces protective mechanisms to process multiple decoding methods simultaneously, making it significantly harder for them to detect hidden payloads.

As an example, the obfuscated payload below combines the encoding techniques discussed above:

 represents a space in URL encoding, while the 

character is also a valid representation of a space when injected in the URL query.

To learn some practical encoding techniques, supported by hands-on labs, check out our Dojo WAF bypass modules on 

Payload obfuscation via variable expression assignment involves dynamically constructing payloads by assigning values to variables based on expressions composed of variables, constants, operators and functions. This technique makes payloads much less predictable and more difficult for security defences to detect.

For example, to execute the JavaScript code alert(1), you could use variable expression assignment to construct the code (combining variables a, b, c and d) and then execute it using the eval function:

These lines dynamically assemble the string "alert(1)" by concatenating parts stored in different variables, and then execute it with eval, effectively hiding the true intent from static analysis.

In web applications, HTTP request parameters – such as URL queries, POST body data or cookies – are sometimes accepted as an array rather than a single value. In these scenarios, attackers can split a payload into multiple pieces, leveraging array inputs to bypass standard filtering methods.

Imagine a scenario where a HTTP GET parameter (eg 

) is vulnerable to SQL injection. A PHP application accepts the GET parameter as either a single value or an array.

The PHP code might be written similarly to the following example:

To execute a SQL injection payload such as…

…We can take advantage of the application accepting an array for the GET parameter and craft a payload similar to this:

 (when provided as an array), it will result in the following:

) added by PHP’s join function between array elements. This technique creates an obfuscated payload capable of exploiting SQL injection vulnerabilities by confusing the system’s handling of array inputs.

JavaScript, a versatile and powerful programming language, makes payload obfuscation particularly effective due to several key features. In particular, it can be executed on both client and server sides, while its capability to manipulate the HTML DOM enables advanced obfuscation techniques for crafting XSS payloads.

One useful obfuscation method is to use pure Unicode to invoke a function. For example, to execute the command 

 in JavaScript, you can use the following approaches:

Above is the normal function call. The following Unicode-escaped version converts to "print()" at runtime, masking the actual function name:

This mixed variant further fragments the name:

You can also execute JavaScript from a string – using, for example, 

When dealing with vulnerabilities like command injections executed in a shell environment (eg 

), a wide range of advanced payload obfuscation techniques can be employed. These techniques exploit shell features such as wildcards, quotes and global variables (eg 

The art of payload obfuscation: how to mask malicious scripts and bypass defence mechanisms

Writeup by Brumens, research enablement specialist, YesWeHack

Interested in bypassing a system’s security filters using only its built-in features?

In this article, you will discover unique and advanced techniques for exploiting 

, without relying quotes or external plugins.

We provide step-by-step payloads for popular template engines, such as Jinja2, Mako and Twig, that can trigger 

By default, many template engines enable auto-escaping or HTML-escaping prior to rendering. This can make exploitation more challenging, due to the strict quote filtering applied when rendering string-based data. Without string-based data in some form, RCE is significantly harder to achieve on certain template engines, 

However, for others, exploitation remains relatively straightforward even without quotation marks. For instance, our 

 exploit was greatly simplified by the availability of the chr Python function, which demonstrates how inherent language features can be repurposed to overcome input restrictions.

Whether you're a pentester, security researcher or Bug Bounty hunter, this guide shows you how to turn limitations into unexpected strengths – and potentially valuable vulnerabilities.

watching my presentation of this research at Ekoparty 2024 in Buenos Aires

Exploiting Popular Template Engines for RCE

Jinja2 Exploitation: Payload Techniques using index positions

Mako Exploitation: Crafting Payloads in Python Frameworks

Twig Exploitation: Overcoming Template Limitations with Blocks

Smarty Exploitation: Leveraging PHP Built-in Functions for RCE

Blade Exploitation: Advanced Techniques in Laravel’s Template Engine

Groovy Exploitation: Payload Development in Java-Based Systems

FreeMarker Exploitation: Leverage unconventional functions in creative ways.

Razor Exploitation: Leveraging Razor's Native C# Capabilities

The goal of our research was simple: to develop payloads for some of the most popular template engines, with the aim of achieving RCE. These payloads are designed to be completely self-contained, relying solely on the payload itself and not on any external resources such as HTTP parameters. This ensures that they work in as many exploitation scenarios as possible – thereby increasing your chances of finding lucrative vulnerabilities.

Our research attempted to craft a payload to achieve our goal on the following template engines:

Exploiting SSTI in popular template engines for RCE

As mentioned previously, all our payloads utilise only the default functions and methods available within the template engine; they do not rely on any external resources such as parameters in the HTTP request. Despite these limitations, every payload is capable of achieving RCE on an application vulnerable to server-side template injection.

Jinja2 exploitation: payload techniques using index positions

, the default template engine in Flask, is extremely powerful as it permits the execution of pure Python code.

To write a simple string, we can write this payload (note: index values may vary):

, which covers the complete global namespace of the method’s module. The method 

 converts these globals into a string. By extracting characters at positions 1786 to 1788 from the resulting string, the payload ultimately produces the string "id".

We can now leverage this technique to build a payload that performs a remote code execution and runs system command 

This example demonstrates how chaining multiple built-in methods can grant access to the underlying operating system, emphasising the critical importance of understanding engine internals. A similar payload structure can be used to exploit our 

, which used Jinja2 as its template engine when filtering out all quotation marks.

Mako exploitation: Crafting payloads for Python frameworks

 is another Python-compatible template engine, commonly used by frameworks such as Pyramid and Pylons.

In Mako, the following payload generates the string "id":

Passing this string to Python's os.popen function achieves RCE because it leverages system-level calls to bypass input filters:

While an alternative payload exists that utilises "less-than" 

 characters, it falls outside our research scope:

Twig exploitation: overcoming template limitations with blocks

, the PHP template engine, proved to be one of the most challenging environments in which to craft a working payload – primarily due to the difficulty of generating a string using its default configurations. The problem here arises from Twig’s strict auto-escaping rules, which forces us to think creatively.

Fortunately, we can surmount this challenge by leveraging Twig's block feature and built-in 

 variable. By nesting these elements, the following payload was produced successfully:

Alternatively, the following payload, which harnesses the built-in _context variable, also achieves RCE – provided that the template engine performs a double-rendering process:

These payloads illustrate that even stringent auto-escaping rules can be bypassed without the need for external resources like quote marks or plugins. By abusing native template features, these exploits also demonstrate the utility of a deep understanding of template engine internals for overcoming common security mechanisms.

Smarty exploitation: Leveraging built-in PHP functions for RCE

 function is used to generate a character from its hexadecimal value. By employing the variable modifier 

, individual characters are concatenated to form the string "id" as follows:

Similar to Twig, we can use the function 

 to execute our generated string and achieve RCE:

Blade exploitation: advanced techniques in Laravel’s template engine

 function to convert hexadecimal values into their corresponding characters. These characters can then be inserted into 

For example, the following code generates the string "id":

 command, resulting in remote code execution:

Groovy exploitation: payload development in Java-based systems

, a Java-based scripting language commonly used in Grails applications, offers powerful capabilities for dynamic code execution. You can bypass security filters by constructing strings from ASCII codes and executing them as system commands with this method…

 function can then run the constructed string as a system command:

For a payload with no spaces, you may use multi-line comments (

FreeMarker exploitation: leveraging unconventional functions in creative ways

 is a popular template engine used in Java-based applications, and is supported by a variety of frameworks, including Spring and Apache Struts.

My efforts to generate a suitable string in FreeMarker led to the discovery of a pretty neat function: 

. This function converts int-based values into alphabetic strings – but not in the way you might expect from functions such as 

, etc. This is the same logic that you can see in column labels in spreadsheet applications (like Excel or Calc). The lowest allowed number is 

. There's no upper limit. If the number is 

 or less or it isn't an integer number then the template processing will be aborted with error.

So if you wanted a string that represents the letter "

", meanwhile, can be generated with the payload:

By using this method, you can build a string that can be used to create a payload such as the following, with the impact being RCE:

FreeMarker’s payload structure stands out by demonstrating how unconventional functions can be repurposed – offering an alternative pathway when typical methods are insufficient.

Razor exploitation: leveraging Razor's native C# capabilities

 is a powerful template engine capable of executing pure C# code. This capability allows for the generation of strings using the full power of the C# language, opening up a wide range of payload possibilities.

For example, the following payload generates the string "whoami":

To execute this command as a system command, use 

Limitations are just an illusion – advanced server-side template exploitation with RCE everywhere

 as “very inspiring”, “ well written” and “another example of why deprecated tools need to be disconnected or segregated to a sub platform with no sensitive data”. 💡 ‘Skull’, a Singapore-based hunter, 

, the exploit chain was also praised by PortSwigger’s James Kettle, who 

 “the use of a DoS flaw to make the attack stealthier!” 💀

The next writeup in our monthly research roundup – which is initially published as a 

 – features a similarly large-scale target: a buffer over-read vulnerability in the 

Great Wall of China’s DNS injection subsystem

Documented by researchers from GFW Report

, a censorship monitoring platform, the ‘Wallbleed’ bug “caused certain nation-wide censorship middleboxes to reveal up to 125 bytes of their memory when censoring a crafted DNS query”. The researchers used a novel side channel to monitor injector processes, reverse-engineered the injector’s parsing logic and assessed the leaked information’s impact on users, among other things. The research “afforded a rare insight into one of the Great Firewall’s well-known network attacks, namely DNS injection, in terms of its internal architecture and the censor’s operational behaviors,” wrote the research team. 🇨🇳

Superstitious readers might believe that important things happen in threes, so with that in mind we'll present a third security issue affecting a potentially colossal number of users, this time related to 

. Specifically, researchers from the Florida Institute for Cybersecurity Research 

 that could potentially have resulted in persistent denial of cell service to an entire metropolitan area or city. Moreover, asserted the researchers, some security flaws could have been abused to remotely compromise and access the cellular core. The researchers found vulnerabilities in all seven LTE implementations and all three 5G implementations that they tested. 📡

Burp Suite’s best feature – but no one uses it!

is pure catnip to hackers given the popularity of Burp, but the strength of the content backs up the tantalising promise of the video title.Kicking off our inaugural roundup of advice videos from around the web (well, YouTube), this 15-minute tutorial demonstrates how to use this feature step-by-step on a target to accelerate your bug hunt. 🐛

In video #2, Ben ‘NahamSec’ Sadeghipour shares a 

“proven framework” for consistently finding high-impact bugs

, one that is accumulating traffic and likes at a rapid clip. Among other insights, the legendary hacker and keynote speaker explains why relying on tools alone isn’t enough, how to choose targets wisely, and how to streamline your hacking workflow for maximum results. 💡

Finally, NahamSec also stars in this 17-minute tutorial by the UnixGuy channel, with host Ben R Truong turning to the hacker to help him outline a 

practical roadmap for aspiring bug bounty hunters

“Brevity is the soul of wit,” said Polonius in Shakespeare’s Hamlet. This isn’t universally true, unfortunately, since we’ll conclude our roundup with a concise and humour-free bullet-point summary of other notable InfoSec content:

Hacking high-profile Bug Bounty targets: deep dive into a client-side chain

Nginx/Apache path confusion to auth bypass in PAN-OS (CVE-2025-0108)

Hacking a software supply chain to achieve RCE on developers, pipelines and production servers for a $50k bounty

 – research by Roni ‘Lupin’ Carta and Snorlhax

Shadow Repeater: AI-powered variation testing on Burp

 – Gareth Heyes unveils PortSwigger’s latest tool

 – bug-hunting advice from verylazytech

As per usual, we’d humbly like to flag some of our content too. Bug Bounty hunters often alternate between feast and famine when it comes to unearthing vulnerabilities, says 

 below to see Leo – hacker alias ‘Leorac’ – also reflect on the changes he’s witnessed in our digital ecosystem over the past 20 years, and offers some tips to up-and-coming hacking talents. 🇮🇹

It’s a double header for hunter interviews this month, with our second featured hacker, 

 about the impact of increasingly secure development practices on the number and discoverability of vulnerabilities out in the wild. For those unfamiliar with the Polish ethical hacker, he documents his impressive exploits on his hugely popular YouTube channel, 

 – it’s definitely work checking out. 🇵🇱

Like Gregxsunday, we try and do our bit to inspire and educate aspiring and inexperienced hunters. To this end, we’re publishing how-to guides to learning foundational hacking skills. Most recently this includes 

, which explains various active and passive techniques, supported by examples performed on a real public Bug Bounty Program. We’ve also recently published an 

 (XSS), which examines how to detect and exploit common variants of this pervasive bug type, from reflected to blind vulnerabilities. 🕵️

The current monthly Dojo CTF challenge, '

', invites hunters to "use only JSON to build your hacker profile. The developer claims their application is fully secure. Prove them wrong by reading the 

 file on the server." The challenge is open for submissions until 17 April, with the three best writeups winning exclusive YesWeHack swag as usual.

Pwnii (aka pwnwithlove) revisits the previous monthly challenge, ‘Phishing’. She walks us through the solution, which involves mounting a homographic attack using punycode, as well as explaining why NodeJS’ VM module sandboxes aren’t as secure as they might seem. Kudos to the overall winners of the phishing challenge by the way: Sto, MerleSurLeToit and thepotata. Check out the 

The hunter community is making short work of our 

targets, with only four items left to go. Congratulations to HakuPiku for 

, and winning himself a six-month voucher for Caido Pro and an exclusive swag pack, via an OS command injection report accepted on a public program. 🎁

Finally on the YesWeHack community front, 

 for climbing into second place on our all-time leaderboard. The top two for 

 precisely mirrors the all-time leaderboard (rabhi and Xel), while Xavoppa is a rising star in third (this hunter only joined YesWeHack in 2024), Noam is in fourth (all time #13) and Pocsir occupies fifth spot (al time #15). 🏆

Three upcoming events to highlight if you want to meet the YesWeHack team (and get some free swag!): 

And that’s about it for this month… happy hacking! 👋

Read this monthly roundup of content aimed at ethical hackers even sooner by subscribing to 

Are you a CISO, other security professional or security-conscious dev? Check out our CISO-focused sister newsletter, 

 – bringing you news, insights and inspiration around offensive security topics like Bug Bounty, vulnerability disclosure and management, pentest management and attack surface protection.

YouTube email leak exploit, Great ‘Wallbleed’ of China, Burp’s overlooked ‘best feature’ – ethical hacker news roundup

No industry is immune from the transformative disruption being wrought by artificial intelligence – least of all the Bug Bounty industry. Offensive security practitioners – boundary-pushers by definition – are enjoying the benefits, navigating the challenges and reckoning with the risks sooner than most.

In terms of operational efficiency, AI tools are enhancing decision-making with data-driven intelligence and, through automation, liberating security researchers and security teams alike to focus on areas where they can add the greatest value.

Of course, AI applications are themselves increasingly the subject of security testing. When ChatGPT first wowed the world in 2023 it prefigured a paradigm shift in how applications behave – with profound implications for vulnerability discovery, reproduction and remediation.

In summary, the age of AI likely heralds a supercharging of Bug Bounty fundamentals:

Ever-more innovative, automated, scalable hacking – for ethical and malicious hackers alike

Accelerating evolution of attack techniques as AI-specific CWEs continue to emerge

Novel complexities in validating, reproducing and mitigating AI vulnerabilities

Streamlining of vulnerability management will reduce time-to-fix, but amid shrinking time-to-exploitation by adversaries

Increasingly scalable risk mitigation amid accelerating software development and even-faster-growing attack surfaces

This article explores how the intrinsic benefits of Bug Bounty, such as continuous testing, will become even 

 as cybercriminals also up their game with the help of AI. Similarly, you’ll learn how the ability to rapidly crowdsource any hacking skill, however niche, is 

 as AI spawns novel attack techniques amid an 

acute shortage of cyber skills around emerging technologies

We’ll also examine the security-testing implications of the spread of AI; what AI cybersecurity tooling means for detecting and handling traditional vulnerabilities like cross-site scripting (XSS), SQL injection and improper access control; and some common AI testing techniques, mitigations and real-world case studies. (And of course, it only seemed appropriate to intersperse the text with AI-generated images!)

#1 The AI explosion in modern applications

AI-powered functionality has become as rapidly integral to modern applications as, for instance, responsive design did before it. Here at YesWeHack, we are already managing several AI-focused programs and dozens of scopes with AI elements.

But the AI rollout is arguably proceeding faster than security practices can keep up with – especially given the technology introduces a set of head-spinning new problems for security testers:

Probabilistic/non-deterministic behaviour

 and emergent (not explicitly programmed) properties

Daunting scale – potentially billions of parameters and near-limitless range of adversarial scenarios

Particularly difficult to distinguish intended/benign behaviour from unintended/insecure behaviour

Complex new failure modes and novel vulnerability types

These AI security concerns make validating, reproducing and mitigating AI-related vulnerabilities particularly complex.

The YesWeHack Blog

The art of payload obfuscation: how to mask malicious scripts and bypass defence mechanisms

Limitations are just an illusion – advanced server-side template exploitation with RCE everywhere

YouTube email leak exploit, Great ‘Wallbleed’ of China, Burp’s overlooked ‘best feature’ – ethical hacker news roundup

The art of payload obfuscation: how to mask malicious scripts and bypass defence mechanisms

Mitigating AI cybersecurity risks with Bug Bounty Programs: A deep dive

Recon series #3: HTTP fingerprinting – sleuthing for a web application’s hidden vulnerabilities

US House passes bill mandating vulnerability disclosure policies for federal contractors

Mitigating AI cybersecurity risks with Bug Bounty Programs: A deep dive

Dojo challenge #39 - Phishing winners & writeup

Junior devs ‘can’t actually code’, AI coding risks, security researchers decry inscrutable AI – OffSec roundup for CISOs

Recon Series #2: Subdomain enumeration – expand attack surfaces with active, passive techniques

Dojo challenge #39 - Phishing winners & writeup

Don't wait for threats to strike

Products

Researchers

Resources

Company

Follow us