From b1e4148464f5098f4ed69e86f4760daf4de37261 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav@sqlmap.org>
Date: Mon, 27 Feb 2017 22:24:04 +0100
Subject: [PATCH] Updated FAQ (markdown)

---
 FAQ.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/FAQ.md b/FAQ.md
index bdce242..cccf9be 100644
--- a/FAQ.md
+++ b/FAQ.md
@@ -91,6 +91,14 @@ We already support the major and some minor databases. We do have plans to exten
 
 **No**.
 
+## Tool `xyz` works against the target, while sqlmap doesn't!
+
+Please use that other tool that works
+
+## Which tamper script to use to bypass a (WAF/IDS/IPS) protection?
+
+Don't use tamper scripts if you are not able to manually assess the target. Tamper scripts are used only in cases when the penetration tester knows how to bypass the protection in the first place (most probably after hours of request/response inspection). Blind usage and combination of numerous tamper scripts without the comprehension is always a bad idea.
+
 ## My site was attacked with sqlmap. Stop developing it you *dumb f.cks*!?
 
 We get occasional rage bursts from unknown people. It should be emphasized that **with each sqlmap run end users are obligated** with the following prelude message: