[Owasp-leaders] Pentesting: Is there a collection of REs for HTTP response analysis?

Mat Caughron caughron at gmail.com
Fri Nov 20 13:41:50 EST 2009


[  Not sure we're on the best mailing list for this discussion, but in the
interest of getting the relevant information to the right people as quickly
as possible, here goes...  -Mat   ]


Hi Andrew:

Also consider Emerging Threats, which has a lot of Snort signatures for
various and sundry situations.
    http://emergingthreats.net/rules/emerging-web_server.rules
with other rule files listed here:
    http://emergingthreats.net/index.php/rules-mainmenu-38.html



Mat Caughron
caughron at gmail.com
(408) 910-1266


On Fri, Nov 20, 2009 at 10:15 AM, Andrew Petukhov <petand at lvk.cs.msu.su> wrote:

> Leaders,
> does anyone know if there is a database of regular expressions for
> testing HTTP responses while doing a pentest?
>
> Let me outline the problem (in a simplistic way):
> - a black-box scanner can detect successful XSS by noticing the code it
> had injected in subsequent pages;
> - a black-box scanner can detect SQLI blindly;
> - other possible manifestations of an exploited vulnerability are 5xx
> codes and error messages.
>
> I know only about ModSecurity Core Rule Set. It can be used to detect
> error messages.
>
> Does anyone know other sources?
>
> Thanks in advance!
>
> Andrew Petukhov,
> Moscow State University
>
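The response checks discussed in this thread (5xx status codes and error messages in the body), as an added example that is not part of the original messages and is not taken from ModSecurity CRS or Emerging Threats. The signature set, sample responses and function names are constructed for illustration.

```python
import re

# Constructed signature set (illustrative, not copied from CRS or Emerging
# Threats): error strings emitted by common databases and runtimes.
SIGNATURES = [
    ("mysql-syntax", re.compile(r"You have an error in your SQL syntax", re.I)),
    ("oracle-ora", re.compile(r"\bORA-\d{5}\b")),
    ("mssql-quote", re.compile(
        r"Unclosed quotation mark (?:after|before) the character string", re.I)),
    ("java-stacktrace", re.compile(r"^\s+at [\w.$]+\([\w$]+\.java:\d+\)", re.M)),
    ("php-error", re.compile(
        r"<b>(?:Warning|Fatal error)</b>:\s.+ on line <b>\d+</b>", re.I)),
]
TEXT_TYPES = ("text/", "application/json", "application/xml")

def parse_response(raw):
    """Split a raw HTTP/1.x response into (status, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    m = re.match(r"HTTP/\d\.\d (\d{3})", lines[0])
    if not m:
        raise ValueError("not an HTTP response")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return int(m.group(1)), headers, body

def analyse(raw):
    """Return the names of all findings for one response."""
    status, headers, body = parse_response(raw)
    findings = ["status-5xx"] if 500 <= status <= 599 else []
    # Only scan textual bodies; matching inside images or archives is noise.
    if headers.get("content-type", "text/html").startswith(TEXT_TYPES):
        findings += [name for name, rx in SIGNATURES if rx.search(body)]
    return findings

# Constructed sample responses.
SAMPLES = {
    "clean": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<p>Welcome</p>",
    "mysql": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
             "You have an error in your SQL syntax; check the manual",
    "java": "HTTP/1.1 500 Internal Server Error\r\nContent-Type: text/plain\r\n\r\n"
            "java.lang.NullPointerException\n\tat com.example.Shop.view(Shop.java:42)\n",
    "binary": "HTTP/1.1 200 OK\r\nContent-Type: image/png\r\n\r\nORA-00933",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, analyse(raw))
```

The same signatures can be run over your own application's responses in a test suite to catch error details leaking to clients before release.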