Full Disclosure mailing list archives
Know your Enemy: Web Application Threats
From: Gadi Evron <ge () linuxbox org>
Date: Sun, 25 Feb 2007 02:29:21 -0600 (CST)
Jamie Riden, Ryan McGeehan, Brian Engert and Michael Mueter just released an Honeynet paper on Web security called: Know your Enemy: Web Application Threats You can find their paper here: http://honeynet.org/papers/webapp/ The paper is very good, and deals with all kinds of web threats such as SQL Injection and XSS. Of most interest to me were the Code Injection and Remote Code-Inclusion due to my own research in that field. The Honeynet paper deals with many issues other than these, and is most definitely recommended reading. Jamie Riden has written a paper on web honey pots in the past. These guys know what they are talking about. Gadi. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Know your Enemy: Web Application Threats Gadi Evron (Feb 25)