Thank you for the wonderful videos. I watched most of them, but I have a problem with waf. When fuzz for subdomain enumeration or directory or hidden parameter or anything after a short period of time, l block with waf, and the response is late from the server.
The way you trigger WAF is trying to access the specific endpoints or sending malicious requests. It's just an another layer of defense for websites. Unfortunately, its the biggest pain in the ass for most cases while doing bug bounties. I will be sharing some extra videos on this topic in the future, to help avoid it or bypass it. Feel free to check discord, if you have some questions or looking for collabs ;)