Blinkie Lights howto by nosteve
September 22, 2011 | nosteve
At DEF CON 19, I showed a project that uses an LED matrix to display network ...
Analyzing PDF Malware - Part 1
September 22, 2011 | Admin
Background
Advanced BNAT in the Wild
September 15, 2011 | Jonathan Claudius
Just this week, we were asked to help out with some "TCP weirdness" that was ...
ModSecurity Advanced Topic of the Week: Remote File Inclusion Attack Detection
September 11, 2011 | Ryan Barnett
Remote file inclusion (RFI) is a popular technique used to attack web ...
Morto: More than Meets the Eye
September 06, 2011 | Josh Grunzweig
There's been a lot of talk the past week or so about Morto. For those ...
Implementing AppSensor Detection Points in ModSecurity
August 31, 2011 | Ryan Barnett
This is a follow-up to a previous blog post entitled "Real-time Application ...
Detecting Malice with ModSecurity: (Updated) CSRF Attacks
August 30, 2011 | Ryan Barnett
UPDATE - since this original post, we added new data manipulation capabilities ...
(Updated) Mitigation of Apache Range Header DoS Attack
August 24, 2011 | Ryan Barnett
Update After deeper research into the underlying vulnerability and analyzing ...
ModSecurity Advanced Topic of the Week: (Updated) Exception Handling
August 23, 2011 | Ryan Barnett
UPDATE - since this original post, we added new exception handling capabilities ...
What Do Bug Bounties Cover?
August 19, 2011 | Admin
Over the past few days in the UK we have been bombarded with arguments and ...
ModSecurity Advanced Topic of the Week: Automated Virtual Patching Script
August 18, 2011 | Ryan Barnett
Automated Virtual Patching Example Script
ModSecurity Advanced Topic of the Week: Audit Log Searching with ModGrep
August 11, 2011 | Ryan Barnett
This is an updated section from my previous book Preventing Web Attacks with ...
ModSecurity Advanced Topic of the Week: Audit Log Searching with ModGrep
August 11, 2011 | Ryan Barnett
This is an updated section from my previous book Preventing Web Attacks with ...
Auto-BAHN: Using Smart phones to create emergency, ad hoc networks
August 10, 2011 | Thomas Wilhelm
Thomas Wilhelm, Sr. Security Consultant at Trustwave SpiderLabs, revealed a ...
TWSL2011-008: Focus Stealing Vulnerability in Android
August 08, 2011 | Josh Grunzweig
The SpiderLabs team at Trustwave published a new advisory today, which details ...
Regression Workaround for TWSL2011-007: The iOS SSL Validation Vulnerability (UPDATED)
August 07, 2011 | Admin
Trustwave SpiderLabs recently released an advisory (TWSL2011-007) regarding ...
What Web Application Security Monitoring Can Learn From Casino Surveillance
August 07, 2011 | Ryan Barnett
New Edition of SpiderLabs Radio - Interviews with SpiderLabs DEF CON Speakers
August 02, 2011 | Zack Fasel
This month, Zack Fasel and Tom Mackenzie interview the SpiderLabs Team Members ...
Live ModSecurity Challenges at Blackhat Arsenal
July 28, 2011 | Ryan Barnett
ModSecurity is participating in the upcoming Blackhat Arsenal Tools Demo next ...
A whole lot of Spiders at DEF CON 19
July 26, 2011 | SpiderLabs Anterior
Next week members of Trustwave's SpiderLabs team will be headed to Las Vegas to ...
TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain
July 25, 2011 | Josh Grunzweig
The SpiderLabs team at Trustwave published a new advisory today, which details ...
Advanced Topic of the Week: (Updated) Real-time Blacklist Lookups
July 19, 2011 | Ryan Barnett
Updated - the information in this blog has been updated to reflect the current ...
Announcing Release of ModSecurity v2.6.1
July 18, 2011 | Ryan Barnett
Availability of ModSecurity 2.6.1-RC1 Release (July 18, 2011) The ModSecurity ...
Spiders Are FUN!!! at DEF CON 19
July 15, 2011 | Zack Fasel
DEF CON's coming up soon (3 weeks to be exact), and there's a lot of excellent ...
(Updated) ModSecurity Advanced Topic of the Week: Mitigating Slow HTTP DoS Attacks
July 13, 2011 | Ryan Barnett
Update - the latest version of the ModSecurity 2.6 has a new directive called ...
Announcing Release of ModSecurity v2.6.1-RC1
June 30, 2011 | Admin
Availability of ModSecurity 2.6.1-RC1 Release (June 30, 2011) The ModSecurity ...
Announcing the ModSecurity SQL Injection Challenge
June 22, 2011 | Ryan Barnett
The ModSecurity Project Team is happy to announce our first community hacking ...
ModSecurity Advanced Topic of the Week: Application Logout Response Actions
June 21, 2011 | Ryan Barnett
Application Defense Response Actions What is the best way to respond to ...