[Owasp-leaders] Pentesting: Is there a collection of REs for HTTP response analysis?

Ryan Barnett ryan.barnett at breach.com
Fri Nov 20 13:06:58 EST 2009

On Friday 20 November 2009 11:15:09 am Andrew Petukhov wrote:
> Leaders,
> does anyone know if there is a database of regular expressions for
> testing HTTP responses while doing a pentest?
> Let me outline the problem (in a simplistic way):
> - a black-box scanner can detect successful XSS by noticing the code it
> had injected in subsequent pages;
> - a black-box scanner can detect SQLI blindly;
> - other possible manifestations of an exploited vulnerability are 5xx
> codes and error messages.
> I know only about ModSecurity Core Rule Set. It can be used to detect
> error messages.
> Does anyone know other sources?
> Thanks in advance!
> Andrew Petukhov,
> Moscow State University

Check out the GREP section of W3AF - http://w3af.sourceforge.net/plugin-

You can use these same regexes to check the http response for apps you are 

Ryan C. Barnett
WASC Distributed Open Proxy Honeypot Project Leader
OWASP ModSecurity Core Rule Set Project Leader
Tactical Web Application Security
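As an added example (not code from W3AF, the Core Rule Set, or anyone in this thread), a minimal Python response analyser that performs the three checks Andrew lists: a 5xx status code, a small set of database/application error-message regexes, and unencoded reflection of a scanner marker. The signature list is constructed for illustration and is assumed, not a real signature database.

```python
import re

# Constructed, illustrative error-message signatures. These are a few widely
# known database/PHP error strings, NOT the W3AF grep or ModSecurity CRS rules.
ERROR_SIGNATURES = {
    "mysql": re.compile(r"You have an error in your SQL syntax|mysql_fetch_array\(\)", re.I),
    "oracle": re.compile(r"\bORA-\d{5}\b"),
    "mssql": re.compile(r"Microsoft OLE DB Provider for SQL Server|Unclosed quotation mark", re.I),
    "php": re.compile(r"<b>(Warning|Fatal error)</b>:\s", re.I),
}

STATUS_LINE = re.compile(r"HTTP/\d\.\d\s+(\d{3})")


def analyse_response(status_line, body, canary=None):
    """Return the list of findings for one HTTP response.

    status_line: e.g. "HTTP/1.1 500 Internal Server Error"
    body:        response body as text
    canary:      the harmless marker string the scanner submitted, if any
    """
    findings = []

    # 1. Server-side failure signalled by the status code.
    m = STATUS_LINE.match(status_line)
    if m and m.group(1).startswith("5"):
        findings.append("http-5xx:" + m.group(1))

    # 2. Error messages leaking into the body, one finding per matching family.
    for name, pattern in ERROR_SIGNATURES.items():
        if pattern.search(body):
            findings.append("error-message:" + name)

    # 3. Reflection: the marker came back byte-for-byte, i.e. the application
    #    did not HTML-encode it. An encoded copy (&lt;...&gt;) is not a finding.
    if canary and canary in body:
        findings.append("reflected-canary")

    return findings


if __name__ == "__main__":
    # Constructed sample response, not captured from a real application.
    print(analyse_response("HTTP/1.1 500 Internal Server Error",
                           "You have an error in your SQL syntax near ''"))
```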
