I have some of PHP based application and normally payload is passed in GET request to exploit any vulnerability. I am also working on ASM.
Issue is there are some exploits which work in GET aswell as in POST data. www.abc.com/index.php is a valid URL, illegal request is www.abc.com/index.php?admin:$val, Commonly these type of request work in GET or by typing URL. But if use any Utilty for sending post data .i.e; ?admin:$val for URL : www.abc.com/index.php it works. so i want to stop that one.
so at the moment my requirement is to stop this part of HTTP Request:
POST /foo/bar/test.exe HTTP/1.1