Showing 31 results for: 2010

Advanced Topic of the Week: Validating SessionIDs

This week's topic discusses how to validate application SessionIDs submitted by clients. Reference Manual Initializing the SESSION collection with the setsid action. setsid Description: Special-purpose action that initialises the SESSION collection. Action Group: Non-disruptive Example: # Initialise session variables using...

WASC WHID Bi-Annual Report for 2010

The Web Hacking Incident Database (WHID) is a project dedicated to maintaining a record of web application-related security incidents. WHID's purpose is to serve as a tool for raising awareness of web application security problems and to provide information for...

Advanced Topic of the Week: Real-time Blacklist Lookups

This week's feature is the effective use of Real-time Blacklist lookups (@rbl). Reference Manual rbl Description: Look up the parameter in the RBL given as parameter. Parameter can be an IPv4 address, or a hostname. Example: SecRule REMOTE_ADDR "@rbl sc.surbl.org"...

Advanced Topic of the Week: Transformation Functions

This week's feature is the effective use of Transformation functions. Reference Manual This excerpt is taken from the updated Reference Manual section of Ivan Ristic's book ModSecurity Handbook. Transformation functions are used to alter input data before it is used...

OWASP ModSecurity Core Rule Set (CRS) v2.0.8 Released

Greetings everyone, I wanted to announce the availability of the OWASP ModSecurity CRS v2.0.8. DOWNLOADING - Download page You can also use the util/rules-updater.pl script to auto-download the latest ZIP archive (see the rules-updater-example.conf file for Repo data). TESTING -...

Advanced Topic of the Week: Validating Byte Ranges

We are starting a new blog post series here on the ModSecurity site called "Advanced Feature of the Week" where we will be highlighting many of ModSecurity's really cool capabilities. These are the features that are seldom used or fully understood...

What's up @ ModSecurity?

Since Black Hat and DEFCON we have been busy building teams and aligning objectives over here at Trustwave's SpiderLabs. We are committed to driving innovation into the development of ModSecurity for the future. Here are a few things that we...

ModSecurity Happy Hour @ Black Hat USA

ModSecurity Community, We will be hosting a ModSecurity happy hour during Black Hat USA. It is open to anyone who contributes, uses or wants to learn more about the project. You'll also get a chance to meet the members of...

Impedance Mismatch and Base64

There was a recent blog article stating that ModSecurity can be bypassed by adding invalid characters to Base64 encoded data. Well, this is somewhat correct, but I am not sure I'd call it a bypass. It is really "Impedance Mismatch"...