Showing 6 results for: April 2011 ×ModSecurity ×

ModSecurity Advanced Topic of the Week: Integrating IDS Signatures

Snort Web Attack Rules You may be familiar with the Emerging Threats project. They have a few Snort rules files related to known web application vulnerabilities and attacks: emerging-web_server.rules emerging-web_specific_apps.rules Identifying attacks against known vulnerabilities does have value in the...

ModSecurity 2.6.0-rc1 is now available

The ModSecurity Development Team is pleased to announce the availability of ModSecurity 2.6.0-rc1 Release (www.modsecurity.org). This is the first release from the 2.6 branch which improves on the functionality of ModSecurity and introduces some new features. Some highlights: Google Safe-Browsing...

Analysis of LizaMoon: Stored XSS via SQL Injection

Blended Attacks More and more of today's web application attacks are leveraging multiple weaknesses, vulnerabilities and attack methods in order to achieve a desired exploitation outcome. It is becoming more and more difficult to neatly place an attack into one...