[Cross posted from SANS ISC] SANS ISC started the Dshield Web Honeypot project roughly one year ago. The goal of this project is to replicate, on the web application side, what Dshield has done for the community. We are not trying to detect targeted attacks, but fast-scanning and replicating threats that have the potential to … Continue reading Dshield Web Honeypot going beta
I deal with infrastructure and application security testing on a regular basis. On the infrastructure/network side, the consulting and testing market is much more mature, and the definitions of penetration test and vulnerability assessment are industry accepted. It is easy to communicate with other folks about the work involved. On the application side, things are not as well … Continue reading Web application penetration testing VS vulnerability assessment
When a web application spans multiple site boundaries, it is essential to keep track of where users are being directed. This is pretty much a basic logging and audit trail concept. While it is easy to understand in theory, it is not always easy to see where it should be implemented. Development communities sometimes … Continue reading Logging Links to 3rd party provider
For incident handling, forensics or troubleshooting purposes, packet sniffing is often used to understand the information exchanged between two hosts. HTTP traffic is often sniffed so that the full header and body can be revealed easily, especially on the server side. On the client side, the most commonly used technique is to use a proxy … Continue reading Examine HTTP compressed gzip content
Welcome to the SANS Application Security Blog. This is a collective effort by SANS web app sec instructors and volunteers to bring you the latest techniques in defending and testing web applications, as well as interesting secure development related information. Continue reading Welcome to the new blog!