Search the archives!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Know your Enemy: Web Application Threats
- From: ge at linuxbox.org (Gadi Evron)
- Subject: [Full-disclosure] Know your Enemy: Web Application Threats
- Date: Sun, 25 Feb 2007 02:29:21 -0600 (CST)
Jamie Riden, Ryan McGeehan, Brian Engert and Michael Mueter just released an Honeynet paper on Web security called: Know your Enemy: Web Application Threats You can find their paper here: http://honeynet.org/papers/webapp/ The paper is very good, and deals with all kinds of web threats such as SQL Injection and XSS. Of most interest to me were the Code Injection and Remote Code-Inclusion due to my own research in that field. The Honeynet paper deals with many issues other than these, and is most definitely recommended reading. Jamie Riden has written a paper on web honey pots in the past. These guys know what they are talking about. Gadi.
- Prev by Date: [Full-disclosure] New release: "OWASP TESTING GUIDE 2007"
- Next by Date: [Full-disclosure] [ GLSA 200702-09 ] Nexuiz: Multiple vulnerabilities
- Previous by thread: [Full-disclosure] New release: "OWASP TESTING GUIDE 2007"
- Next by thread: [Full-disclosure] [ GLSA 200702-09 ] Nexuiz: Multiple vulnerabilities
- Index(es):