Know your Enemy: Web Application Threats
February 25th, 2007 by SecuriTeam, Filed under: Web, Commentary, Spam, Virus, Botnets
jamie riden, ryan mcgeehan, brian engert and michael mueter just released an honeynet paper on web security called: know your enemy: web application threats.
the paper is very good, and deals with all kinds of web threats such as sql injection and xss. of most interest to me were the code injection and remote code-inclusion, as you remember we published a paper of our own this month on these specific issues in the virus bulletin magazine. the honeynet paper deals with many issues other than these, and is most definitely recommended reading.
in our paper we linked to an older paper by jamie riden. these guys know what they are talking about.
sun shine,
sunshine@beyondsecurity.com.
-
Is your site safe from XSS Attacks? Use Active Network Scanning to protect your network!
Subscribe
Subscribe
Week’s Links…
Ambiguity In Ajax Lockdown FrameworkCore CS & Core PS Network High-Level Security RequirementsNew NIST documents releasedLaw Enforcement Tools and Technologies for Investigating Cyber Attacks: Gap Analysis ReportWireless Forensics: Part OneWireless…