Patch the Vuln - Feathers - SQLi
June 20, 2011 | Ryan Barnett
Spot the Vuln -> Patch the Vuln SpotTheVuln This blog post series is ...
My Other Ride is Your Image Upload Script
June 13, 2011 | Dan Crowley
Many security issues are based upon mistaken assumptions. For instance, when ...
My Other Ride is Your Image Upload Script(1)
June 13, 2011 | Dan Crowley
Many security issues are based upon mistaken assumptions. For instance, when ...
TWSL2011-004: Cross-Site Scripting Vulnerability in ZyXEL ZyWALL 70 Firewall(1)
June 10, 2011 | Josh Grunzweig
The SpiderLabs team at Trustwave published a new advisory today, which details ...
ModSecurity Advanced Topic of the Week: Unicode Mapping Support
June 07, 2011 | Ryan Barnett
ModSecurity Happy Hour at Blackhat USA 2011
June 06, 2011 | Ryan Barnett
I am excited to announce that SpiderLabs will be hosting a ModSecurity Happy ...
Announcing Release of OWASP ModSecurity Core Rule Set v2.2.0
May 26, 2011 | Ryan Barnett
The ModSecurity Development Team is pleased to announce the release of the ...
Analysis and Evolution of MacDefender OS X Fake AV Scareware
May 24, 2011 | Eric Monti
Over the last month, a new fake AV scareware variant has been circulating for ...
Announcing Release of ModSecurity v2.6.0
May 24, 2011 | Admin
The ModSecurity Development Team is pleased to announce the availability of ...
Analyzing Malware Hollow Processes
May 16, 2011 | Admin
The Malware Analyst's Cookbook is a great book. In it the authors talked about ...
Unicode Visual Spoofing for Good: Confusable CAPTCHAs
May 10, 2011 | Ryan Barnett
In this blog post, I will show a proof of concept method of leveraging Unicode ...
ModSecurity Advanced Topic of the Week: Passive Vulnerability Scanning Part 2 - Watcher Checks
May 03, 2011 | Ryan Barnett
In a previous blog post entitled "ModSecurity Advanced Topic of the Week: ...
Latest Web Hacking Incident Database (WHID) Entries(2)
May 02, 2011 | Ryan Barnett
These are the lastest entries added by SpiderLabs to the Web Application ...
Reaching Trustwave's WebDefend Minus World
April 27, 2011 | Ryan Barnett
So my inbox lit up today with a Full Disclosure note about a vulnerability in ...
Who's in the Driver's Seat?
April 26, 2011 | SpiderLabs Anterior
Events over the last seven days have dramatically underlined the pitfalls and ...
Detecting Malice with ModSecurity: Request Method Anomalies
April 26, 2011 | Ryan Barnett
This week's installment of Detecting Malice with ModSecurity will discuss how ...
Latest Web Hacking Incident Database (WHID) Entries (3)
April 25, 2011 | Ryan Barnett
These are the lastest entries added by SpiderLabs to the Web Application ...
ModSecurity Advanced Topic of the Week: Integrating IDS Signatures
April 21, 2011 | Ryan Barnett
Snort Web Attack Rules You may be familiar with the Emerging Threats project. ...
ModSecurity 2.6.0-rc1 is now available
April 18, 2011 | Ryan Barnett
The ModSecurity Development Team is pleased to announce the availability of ...
Securing the Fifth Domain
April 13, 2011 | SpiderLabs Anterior
In May 2010, the final disappearance of the line between physical and virtual ...
ModSecurity Advanced Topic of the Week: Integrating Content Security Policy (CSP)
April 13, 2011 | Ryan Barnett
Mozilla's Content Security Policy (CSP) Mozilla has developed a fantastic ...
Latest Web Hacking Incident Database (WHID) Entries (5)
April 11, 2011 | Admin
These are the lastest entries added by SpiderLabs to the Web Application ...
CSS and XSS in Melodious Harmony
April 07, 2011 | Admin
Web application penetration testers, have you ever run into a situation where ...
Analysis of LizaMoon: Stored XSS via SQL Injection
April 05, 2011 | Ryan Barnett
Blended Attacks
Latest Web Hacking Incident Database (WHID) Entries(6)
April 04, 2011 | Ryan Barnett
These are the lastest entries added by SpiderLabs to the Web Application ...
Defective By Design? - Certificate Revocation Behavior In Modern Browsers
April 04, 2011 | Paul Kehrer
With the recent fraudulent certificate incident involving one of Comodo's RAs ...
ModSecurity Update: Increasing Community Involvement
March 30, 2011 | Admin
New Licensing Trustwave is commited to the development of the ModSecurity ...
ModSecurity Advanced Topic of the Week: New Community Contribution - cmdLine Transformation Function
March 30, 2011 | Admin
Community Contribution - cmdLine This week's topic highlights a community ...