|
WebApp Sec
mailing list archives
Paper announcement: Know Your Enemy: Web Application Threats
From: "Jamie Riden" <jamesr () europe com>
Date: Sat, 24 Feb 2007 23:16:45 +0100
The Honeynet Project & Research Alliance is pleased to announce the
release of a new paper "Know Your Enemy: Web Application Threats".
This technical white paper provides behind the scenes information on
various HTTP-based attacks against web applications, including remote
file inclusion and exploitation of the PHPShell application. The paper
is based on the research and data collected from the Chicago Honeynet
Project, the New Zealand Honeynet Project and the German Honeynet
Project during multiple honeypot compromises.
The paper is available at http://honeynet.org/papers/webapp
Along with the release of this paper, comes new functionality to the "Google
Hack" Honeypot (GHH), used extensively in the paper. GHH now includes an
automated malware collection function, as well as remote XML-RPC logging for
SSL support. GHH is available at http://ghh.sourceforge.net.
-------------------------------------------------------------------------
Sponsored by: Watchfire
Securing a web application goes far beyond testing the application using
manual processes, or by using automated systems and tools. Watchfire's
"Web Application Security: Automated Scanning or Manual Penetration
Testing?" whitepaper examines a few vulnerability detection methods -
specifically comparing and contrasting manual penetration testing with
automated scanning tools. Download it today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008fH6
--------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- Paper announcement: Know Your Enemy: Web Application Threats Jamie Riden (Feb 24)
|
Intro
