[Owasp-brazilian] Detecting Attacks on Web Applications

Rodrigo Montoro (Sp0oKeR) spooker at gmail.com
Tue Feb 5 19:49:15 EST 2008


Below is the paper's table of contents; very interesting:


Outline
1 Abstract
2 Introduction
3 Attacks on Web Applications
3.1 Web server log files
3.2 Primer on HTTP
3.2.1 HTTP Evasion Techniques
3.3 Regular Expressions (Regex)
4 Detecting Attacks
4.1 Rule-based Detection (static rules)
4.1.1 Negative Security Model
4.1.2 Positive Security Model
4.2 Anomaly-based Detection (dynamic rules)
4.3 Detecting the OWASP Top Ten 2007
4.3.1 A1 Cross Site Scripting (XSS)
4.3.2 A2 Injection Flaws
4.3.3 A3 Malicious File Execution
4.3.4 A4 Insecure Direct Object Reference
4.3.5 A5 Cross Site Request Forgery (CSRF)
4.3.6 A6 Information Leakage and Improper Error Handling
4.3.7 A7 Broken Authentication and Session Management
4.3.8 A8 Insecure Cryptographic Storage
4.3.9 A9 Insecure Communications
4.3.10 A10 Failure to Restrict URL Access
5 Conclusion
6 References

Download it from: http://www.sans.org/reading_room/whitepapers/logging/2074.php


Happy Hacking!!

Rodrigo Montoro (Sp0oKeR)

-- 
 ===============================
  Rodrigo Montoro (Sp0oKeR)
      Security Researcher
SnortCP / RHCE / LPIC-I / MCSO
 http://www.spookerlabs.com.br
===============================
