Announcing the ModSecurity XSS Evasion Challenge

The SpiderLabs Research Team is pleased to announce the release of the ModSecurity XSS Evasion ...

ModSecurity Advanced Topic of the Week: Mitigating XSS Vulnerabilities Using Targeted CSP Enforcement

Content Security Policy (CSP) Implementation Challenges CSP is an extremely powerful tool for ...

[Honeypot Alert] Inside the Attacker's Toolbox: Webshell Usage Logging

In a previous blog post, we discussed the common lifecycle of web server botnet recruitment. While ...

[Honeypot Alert] Active Exploits Attempts for Plesk Vulnerability

Last week, hacker "kingcope" provided PoC exploit code for a Plesk 0-day on the Full Disclosure ...

ModSecurity Updates: Nginx Stable Release and Google Summer of Code Participation

Availability of ModSecurity 2.7.4: Nginx Stable Release The ModSecurity Development Team is pleased ...

XML External Entity (XXE) Execution Disabled in ModSecurity v2.7.3

On February 27, 2013, the ModSecurity project team was notified by security researchers from ...

Accidental Stored XSS Flaw in Zemanta 'Related Posts' Plugin for TypePad

Note that the vulnerability described here was fixed by Zemanta.

Defending WordPress Logins from Brute Force Attacks

As has been reported by many news outlets, WordPress login pages have been under a heavy brute ...

Restricting Adobe CQ Admin Logins with Trustwave WAFs

One of the many useful features of a web application firewall (WAF) is its ability to add on ...

ModSecurity User Survey 2013

The ModSecurity web application firewall project has grown a lot in the past year including, ...

Web Application Defender's Cookbook: CCDC Blue Team Cheatsheet

Trustwave is a corporate sponsor of the National Collegiate Cyber Defense Competition (CCDC) where ...

[Honeypot Alert] User-Agent Field PHP Injection Attacks

In a previous Honeypot Alert blog post, I showed an example of attackers using LFI attacks to ...

Microsoft Patch Tuesday, February 2013 – Happy Chinese New Year!

Submitted by Space Rogue

Server-Side XSS Attack Detection with ModSecurity and PhantomJS

Client-Side JS Overriding Limitations In a previous blog post, I outlined how you could use ...

[Honeypot Alert] Active Probes for Ruby on Rails XML Vulns

In a previous blog post, I outlined some ModSecurity defenses to help protect Ruby on Rails users ...

ModSecurity Mitigations for Ruby on Rails XML Exploits

There is big trouble in Ruby on Rails (RoR) land... The issue is related to XML parsing of YAML ...

Setting HoneyTraps with ModSecurity: Unused Web Ports

This blog post will show an easy configuration update that you can make to your web servers running ...

[Honeypot Alert] Turning Local File Inclusion into Reflected Code Execution

Which web application attack type is more severe: Local File Inclusion (LFI) or Code Execution? ...

[Honeypot Alert] SQL Injection Scanning Detected in WordPress Error Logs

Normally for these Web Honeypot alert blog posts, I show snippets of the Apache access_log file ...

[Honeypot Alert] SQL Injection Scanning Targeting Joomla Plugins

The following SQL Injection attack payloads targeting Joomla components were identified in our web ...

[Honeypot Alert] User-Agent Field XSS Attacks

Our web honeypots picked up some more XSS attacks today:

Detecting Successful XSS Testing with JS Overrides

Do you know when an attacker or security researcher successfully finds a Cross-site Scripting (XSS) ...

Announcing the availability of ModSecurity extension for Nginx

ModSecurity for Nginx ModSecurity for Nginx is a web server plug-in for the Nginx web server ...

How Should WAFs Handle Authorized Vulnerability Scanning Traffic?

I have been asked this question more and more over the years as organizations are dealing with both ...

WAF Normalization and I18N

Submitted By Breno Silva Pinto and Ryan Barnett

Announcing the availability of ModSecurity extension for IIS

This blog post has also been posted on the Microsoft Security Research and Defense site: By: Greg ...

Beyond Apache: ModSecurity for IIS/Nginx is Coming

The Trustwave SpiderLabs Research Team is proud to announce that, through a collaboration with the ...

[Honeypot Alert] PHP-CGI Vuln Targeted For Database Dumping

Thanks to my SpiderLabs Research colleague @claudijd for collaborating with this analysis.