< Web Exploit Finder | "Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure" >

"Know Your Enemy: Web Application Threats"

The Honeynet Project & Research Alliance is pleased to announce the release of a new paper "Know Your Enemy: Web Application Threats". This technical white paper provides behind the scenes information on various HTTP-based attacks against web applications, including remote file inclusion and exploitation of the PHPShell application. The paper is based on the research and data collected from the Chicago Honeynet Project, the New Zealand Honeynet Project and the German Honeynet Project during multiple honeypot compromises.

The paper is available at Know Your Enemy: Web Application Threats.

Along with the release of this paper, comes new functionality to the "Google Hack" Honeypot (GHH), used extensively in the paper. GHH now includes an automated malware collection function, as well as remote XML-RPC logging for SSL support. GHH is available at http://ghh.sourceforge.net/
This entry was posted by Thorsten Holz on Sunday, February 25. 2007 at 10:47. and is filed under honeynets. You can leave a response, or trackback from your own blog. All new comments are subject to moderation before being displayed.

Trackbacks

Trackback specific URI for this entry

    No Trackbacks

Comments

Display comments as (Linear | Threaded)

    No comments


Add Comment


Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA
 
Submitted comments will be subject to moderation before being displayed.