Showing 10 results for: June 2011 ×

Announcing Release of ModSecurity v2.6.1-RC1

Availability of ModSecurity 2.6.1-RC1 Release (June 30, 2011) The ModSecurity Development Team is pleased to announce the availability of ModSecurity 2.6.1-rc1 Release. This release includes some new features and bug fixes, please see the release notes included into CHANGES file....

Announcing the ModSecurity SQL Injection Challenge

The ModSecurity Project Team is happy to announce our first community hacking challenge! This is a SQL Injection and Filter Evasion Challenge. We have setup ModSecurity to proxy to the following 4 commercial vuln scanner demo sites: IBM (AppScan) -...

TWSL2011-006: IBM Web Application Firewall Bypass

The SpiderLabs team at Trustwave published a new advisory today, which details an issue identified in the IBM Web Application Firewall (WAF). The IBM Web Application Firewall capabilities, inside IBM IPS products, complement IBM Security's portfolio of web application security...

Patch the Vuln - Feathers - SQLi

Spot the Vuln -> Patch the Vuln SpotTheVuln This blog post series is designed to be a companion to the Spotthevuln.com website (thanks to Billy Rios - @XSSniper). Spotthevuln.com was designed to give developers more insight into designing code with...

My Other Ride is Your Image Upload Script

Many security issues are based upon mistaken assumptions. For instance, when testing applications, I often find that the user inputs left unsanitized are the ones that the developer does not believe can be modified, such as inputs from drop-down menus....

ModSecurity Happy Hour at Blackhat USA 2011

I am excited to announce that SpiderLabs will be hosting a ModSecurity Happy Hour during the Blackhat USA 2011 conference in Las Vegas. This is relaxed, social setting where you can meet not just the ModSecurity Project Team but also...