Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Diaries by Keyword Diaries by Keyword

Special Webcast: What you need to know about the crypt32.dll vulnerability. Register Now

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

WEB APPLICATION FIREWALL

2013-07-27Scott FendleyDefending Against Web Server Denial of Service Attacks
2009-01-12William SaluskyWeb Application Firewalls (WAF) - Have you deployed WAF technology?
2008-11-20Jason LamLarge quantity SQL Injection mitigation

WEB

2019-11-22/a>Xavier MertensAbusing Web Filters Misconfiguration for Reconnaissance
2019-09-24/a>Xavier MertensHuge Amount of remotewebaccess.com Sites Found in Certificate Transparency Logs
2019-08-28/a>Johannes Ullrich[Guest Diary] Open Redirect: A Small But Very Common Vulnerability
2019-08-01/a>Johannes UllrichWhat is Listening On Port 9527/TCP?
2019-06-19/a>Johannes UllrichCritical Actively Exploited WebLogic Flaw Patched CVE-2019-2729
2019-04-28/a>Johannes UllrichUpdate about Weblogic CVE-2019-2725 (Exploits Used in the Wild, Patch Status)
2019-04-25/a>Rob VandenBrinkUnpatched Vulnerability Alert - WebLogic Zero Day
2019-02-02/a>Guy BruneauScanning for WebDAV PROPFIND Exploiting CVE-2017-7269
2018-11-17/a>Xavier MertensQuickly Investigating Websites with Lookyloo
2018-07-20/a>Kevin ListonWeblogic Exploit Code Made Public (CVE-2018-2893)
2018-05-03/a>Renato MarinhoWebLogic Exploited in the Wild (Again)
2018-04-30/a>Remco VerhoefAnother approach to webapplication fingerprinting
2018-01-08/a>Johannes UllrichA Story About PeopleSoft: How to Make $250k Without Leaving Home.
2017-09-14/a>Xavier MertensAnother webshell, another backdoor!
2017-07-19/a>Xavier MertensBots Searching for Keys & Config Files
2017-06-01/a>Xavier MertensSharing Private Data with Webcast Invitations
2017-05-12/a>Xavier MertensWhen Bad Guys are Pwning Bad Guys...
2017-04-07/a>Xavier MertensTracking Website Defacers with HTTP Referers
2017-04-02/a>Guy BruneauIPFire - A Household Multipurpose Security Gateway
2017-02-28/a>Xavier MertensAnalysis of a Simple PHP Backdoor
2017-01-24/a>Johannes UllrichCritical Vulnerability in Cisco WebEx Chrome Plugin
2017-01-14/a>Xavier MertensBackup Files Are Good but Can Be Evil
2016-07-13/a>Xavier MertensThe Power of Web Shells
2016-01-29/a>Xavier MertensScripting Web Categorization
2015-06-25/a>Bojan ZdrnjaWeb security subtleties and exploitation of combined vulnerabilities
2015-04-23/a>Bojan ZdrnjaWhen automation does not help
2015-04-14/a>Johannes UllrichOdd POST Request To Web Honeypot
2014-08-16/a>Lenny ZeltserWeb Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability
2014-08-09/a>Adrien de BeaupreComplete application ownage via Multi-POST XSRF
2014-06-11/a>Daniel WesemannGimme your keys!
2014-06-10/a>Daniel WesemannSampling Bias
2014-04-24/a>Rob VandenBrinkApple IOS updates to 7.1.1, OSX Security update 2014-002, Airport Updates - http://support.apple.com/kb/HT1222, http://support.apple.com/kb/HT6208, http://support.apple.com/kb/HT6207, http://support.apple.com/kb/HT6203
2014-04-11/a>Guy BruneauHeartbleed Fix Available for Download for Cisco Products
2014-04-07/a>Johannes UllrichAttack or Bad Link? Your Guess?
2014-01-17/a>Russ McReeMassive RFI scans likely a free web app vuln scanner rather than bots
2014-01-13/a>Johannes UllrichSpecial Webcast today: HTML5, Risky Business or Hidden Security Toolchest? https://www.sans.org/webcasts/html5-risky-business-hidden-security-tool-chest-mobile-web-app-authentication-97650
2014-01-11/a>Guy Bruneautcpflow 1.4.4 and some of its most Interesting Features
2013-12-24/a>Daniel WesemannUnfriendly crontab additions
2013-11-02/a>Rick WannerProtecting Your Family's Computers
2013-10-04/a>Pedro BuenoCSAM: WebHosting BruteForce logs
2013-09-05/a>Rob VandenBrinkWhat's Next for IPS?
2013-07-27/a>Scott FendleyDefending Against Web Server Denial of Service Attacks
2013-06-25/a>Bojan ZdrnjaThe race for resources
2013-06-10/a>Johannes UllrichWhen Google isn't Google
2013-04-08/a>Johannes UllrichCleaning Up After the Leak: Hiding exposed web content
2013-03-26/a>Daniel WesemannHow your Webhosting Account is Getting Abused
2013-02-25/a>Johannes UllrichPunkspider enumerates web application vulnerabilities
2013-02-22/a>Johannes UllrichWhen web sites go bad: bible . org compromise
2013-01-25/a>Johannes UllrichVulnerability Scans via Search Engines (Request for Logs)
2012-10-26/a>Adam SwangerSecuring the Human Special Webcast - October 30, 2012
2012-09-08/a>Guy BruneauWebmin Input Validation Vulnerabilities
2012-08-13/a>Rick WannerInteresting scan for medical certification information...
2012-07-23/a>Johannes UllrichMost Anti-Privacy Web Browsing Tool Ever?
2012-03-11/a>Johannes UllrichAn Analysis of Jester's QR Code Attack. (Guest Diary)
2011-12-28/a>Daniel WesemannHash collisions vulnerability in web servers
2011-11-01/a>Russ McReeSecure languages & frameworks
2011-10-12/a>Adam SwangerWe are experiencing technical issues with the webcast. The webcast will start as soon as these issues are resolved.
2011-08-16/a>Johannes UllrichWhat are the most dangerous web applications and how to secure them?
2011-07-28/a>Johannes UllrichAnnouncing: The "404 Project"
2011-07-05/a>Raul SilesHelping Developers Understand Security - Spot the Vuln
2011-05-17/a>Johannes UllrichA Couple Days of Logs: Looking for the Russian Business Network
2011-05-14/a>Guy BruneauWebsense Study Claims Canada Next Hotbed for Cybercrime Web Hosting Activity
2011-05-11/a>Swa FrantzenTime to disable WebGL ?
2011-04-10/a>Raul SilesRecent security enhancements in web browsers (e.g. Google Chrome)
2011-04-01/a>John BambenekLizaMoon Mass SQL-Injection Attack Infected at least 500k Websites
2011-02-28/a>Deborah HalePossible Botnet Scanning
2011-02-01/a>Lenny ZeltserThe Importance of HTTP Headers When Investigating Malicious Sites
2010-12-18/a>Raul SilesGoogle Chrome (Stable and Beta) have been updated to 8.0.552.224 for all platforms (Chrome OS too). http://bit.ly/fW04cr
2010-12-12/a>Raul SilesNew trend regarding web application vulnerabilities?
2010-12-02/a>Kevin JohnsonRobert Hansen and our happiness
2010-11-18/a>Chris CarboniAll of your pages are belonging to us
2010-08-16/a>Raul SilesBlind Elephant: A New Web Application Fingerprinting Tool
2010-08-15/a>Manuel Humberto Santander PelaezPython to test web application security
2010-08-13/a>Tom ListonThe Strange Case of Doctor Jekyll and Mr. ED
2010-07-25/a>Rick WannerUpdated version of Mandiant's Web Historian
2010-07-21/a>Adrien de BeaupreUpdate on .LNK vulnerability
2010-07-20/a>Manuel Humberto Santander PelaezLNK vulnerability now with Metasploit module implementing the WebDAV method
2010-06-23/a>Scott FendleyOpera Browser Update
2010-06-15/a>Manuel Humberto Santander PelaeziPhone 4 Order Security Breach Exposes Private Information
2010-04-26/a>Raul SilesVulnerable Sites Database
2010-04-13/a>Adrien de BeaupreWeb App Testing Tools
2010-03-24/a>Johannes Ullrich".sys" Directories Delivering Driveby Downloads
2010-03-21/a>Scott FendleySkipfish - Web Application Security Tool
2010-03-08/a>Raul SilesSamurai WTF 0.8
2010-02-06/a>Guy BruneauOracle WebLogic Server Security Alert
2010-02-03/a>Johannes UllrichAnatomy of a Form Spam Campaign (in progress against isc.sans.org right now) https://blogs.sans.org/appsecstreetfighter/
2010-01-29/a>Johannes UllrichAnalyzing isc.sans.org weblogs, part 2, RFI attacks
2010-01-25/a>William Salusky"Bots and Spiders and Crawlers, be gone!" - or - "New Open Source WebAppSec tools, Huzzah!"
2010-01-20/a>Johannes UllrichWeathering the Storm Part 1: An analysis of our SANS ISC weblogs http://appsecstreetfighter.com
2010-01-08/a>Rob VandenBrinkMicrosoft OfficeOnline, Searching for Trust and Malware
2009-12-28/a>Johannes Ullrich8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug)
2009-10-26/a>Johannes UllrichWeb honeypot Update
2009-10-20/a>Raul SilesWASC 2008 Statistics
2009-10-09/a>Rob VandenBrinkTHAWTE to discontinue free Email Certificate Services and Web of Trust Service
2009-09-18/a>Jason LamResults from Webhoneypot project
2009-09-16/a>Raul SilesReview the security controls of your Web Applications... all them!
2009-08-18/a>Deborah HaleDomain tcpdump.org unavailable
2009-08-18/a>Deborah HaleWebsite compromises - what's happening?
2009-08-17/a>Adrien de BeaupreYAMWD: Yet Another Mass Web Defacement
2009-08-01/a>Deborah HaleWebsite Warnings
2009-07-13/a>Adrien de BeaupreVulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
2009-07-05/a>Bojan ZdrnjaMore on ColdFusion hacks
2009-06-11/a>Jason LamDshield Web Honeypot going beta
2009-05-27/a>donald smithWebDAV write-up
2009-05-26/a>Jason LamA new Web application security blog
2009-05-24/a>Raul SilesIIS admins, help finding WebDAV remotely using nmap
2009-05-21/a>Adrien de BeaupreIIS admins, help finding WebDAV
2009-05-20/a>Tom ListonWeb Toolz
2009-05-05/a>Bojan ZdrnjaEvery dot matters
2009-04-21/a>Bojan ZdrnjaWeb application vulnerabilities
2009-03-26/a>Mark HofmanWebhoneypot fun
2009-02-17/a>Jason LamDShield Web Honeypot - Alpha Preview Release
2009-01-12/a>William SaluskyWeb Application Firewalls (WAF) - Have you deployed WAF technology?
2008-12-01/a>Jason LamCall for volunteers - Web Honeypot Project
2008-11-20/a>Jason LamLarge quantity SQL Injection mitigation
2008-09-08/a>Raul SilesQuick Analysis of the 2007 Web Application Security Statistics
2008-08-19/a>Johannes UllrichA morning stroll through my web logs
2008-08-15/a>Jim ClausingWebEx ActiveX buffer overflow
2008-06-07/a>Jim ClausingFollowup to 'How do you monitor your website?'
2008-04-24/a>donald smithHundreds of thousands of SQL injections
2006-09-30/a>Swa FrantzenYellow: WebViewFolderIcon setslice exploit spreading

APPLICATION

2019-06-20/a>Xavier MertensUsing a Travel Packing App for Infosec Purpose
2018-12-31/a>Didier StevensSoftware Crashes: A New Year's Resolution
2018-04-30/a>Remco VerhoefAnother approach to webapplication fingerprinting
2014-08-09/a>Adrien de BeaupreComplete application ownage via Multi-POST XSRF
2014-01-17/a>Russ McReeMassive RFI scans likely a free web app vuln scanner rather than bots
2013-07-27/a>Scott FendleyDefending Against Web Server Denial of Service Attacks
2013-01-25/a>Johannes UllrichVulnerability Scans via Search Engines (Request for Logs)
2011-11-01/a>Russ McReeSecure languages & frameworks
2011-08-16/a>Johannes UllrichWhat are the most dangerous web applications and how to secure them?
2011-07-28/a>Johannes UllrichAnnouncing: The "404 Project"
2011-07-05/a>Raul SilesHelping Developers Understand Security - Spot the Vuln
2011-04-22/a>Manuel Humberto Santander PelaezIn-house developed applications: The constant headache for the information security officer
2010-12-25/a>Manuel Humberto Santander PelaezAn interesting vulnerability playground to learn application vulnerabilities
2010-12-12/a>Raul SilesNew trend regarding web application vulnerabilities?
2010-08-16/a>Raul SilesBlind Elephant: A New Web Application Fingerprinting Tool
2010-08-15/a>Manuel Humberto Santander PelaezPython to test web application security
2010-06-14/a>Manuel Humberto Santander PelaezAnother way to get protection for application-level attacks
2010-06-14/a>Manuel Humberto Santander PelaezRogue facebook application acting like a worm
2010-04-13/a>Adrien de BeaupreWeb App Testing Tools
2010-04-06/a>Daniel WesemannApplication Logs
2010-03-21/a>Scott FendleySkipfish - Web Application Security Tool
2010-03-08/a>Raul SilesSamurai WTF 0.8
2010-02-20/a>Mari NicholsIs "Green IT" Defeating Security?
2010-01-29/a>Adrien de BeaupreNeo-legacy applications
2010-01-24/a>Pedro BuenoOutdated client applications
2009-10-20/a>Raul SilesWASC 2008 Statistics
2009-09-16/a>Raul SilesReview the security controls of your Web Applications... all them!
2009-05-26/a>Jason LamA new Web application security blog
2009-05-20/a>Tom ListonWeb Toolz
2009-04-21/a>Bojan ZdrnjaWeb application vulnerabilities
2009-01-12/a>William SaluskyWeb Application Firewalls (WAF) - Have you deployed WAF technology?
2008-11-20/a>Jason LamLarge quantity SQL Injection mitigation

FIREWALL

2019-11-22/a>Xavier MertensAbusing Web Filters Misconfiguration for Reconnaissance
2019-03-05/a>Rob VandenBrinkPowershell, Active Directory and the Windows Host Firewall
2019-01-22/a>Xavier MertensDNS Firewalling with MISP
2018-12-19/a>Xavier MertensRestricting PowerShell Capabilities with NetSh
2018-09-22/a>Didier StevensSuspicious DNS Requests ... Issued by a Firewall
2017-08-23/a>Xavier MertensMalicious script dropping an executable signed by Avast?
2015-02-23/a>Richard PorterSubscribing to the DShield Top 20 on a Palo Alto Networks Firewall
2013-10-18/a>Rob VandenBrinkCSAM - Why am I seeing DNS Requests to IANA.ORG in my Firewall Logs?
2013-07-27/a>Scott FendleyDefending Against Web Server Denial of Service Attacks
2013-07-20/a>Manuel Humberto Santander PelaezDo you have rogue Internet gateways in your network? Check it with nmap
2013-04-25/a>Adam SwangerGuest Diary: Dylan Johnson - A week in the life of some Perimeter Firewalls
2013-03-13/a>Johannes UllrichIPv6 Focus Month: Kaspersky Firewall IPv6 Vulnerability
2013-03-08/a>Johannes UllrichIPv6 Focus Month: Filtering ICMPv6 at the Border
2013-03-05/a>Mark HofmanIPv6 Focus Month: Device Defaults
2012-05-17/a>Johannes UllrichDo Firewalls make sense?
2012-05-08/a>Bojan ZdrnjaWindows Firewall Bypass Vulnerability and NetBIOS NS
2011-07-15/a>Deborah HaleWhat's in a Firewall?
2010-11-08/a>Manuel Humberto Santander PelaezNetwork Security Perimeter: How to choose the correct firewall and IPS for your environment?
2010-06-14/a>Manuel Humberto Santander PelaezAnother way to get protection for application-level attacks
2010-03-10/a>Rob VandenBrinkWhat's My Firewall Telling Me? (Part 4)
2010-03-05/a>Kyle HaugsnessWhat is your firewall log telling you - responses
2010-03-03/a>Daniel WesemannWhat is your firewall log telling you - Part #2
2010-02-23/a>Mark HofmanWhat is your firewall telling you and what is TCP249?
2009-10-30/a>Rob VandenBrinkNew version of NIST 800-41, Firewalls and Firewall Policy Guidelines
2009-01-12/a>William SaluskyWeb Application Firewalls (WAF) - Have you deployed WAF technology?
2008-11-20/a>Jason LamLarge quantity SQL Injection mitigation