Showing 2 results for: October 2014 ×ModSecurity ×

Setting HoneyTraps with ModSecurity: Adding Fake Cookies

This blog post continues with the topic of setting "HoneyTraps" within your web applications to catch attackers. Please review the previous posts for more examples: Project Honeypot Integration Unused Web Ports Adding Fake robots.txt Entries Adding Fake HTML Comments Adding...

Reflected File Download - A New Web Attack Vector

PLEASE NOTE: As promised, I've published a full white paper that is now available for download: White paper "Reflected File Download: A New Web Attack Vector" by Oren Hafif. On October 2014 as part of my talk at the Black...