ModSecurity SQL Injection Challenge: Lessons Learned
July 26, 2011 | Ryan Barnett
This is a post-mortem blog post to discuss the successful Level II evasions ...
A whole lot of Spiders at DEF CON 19
July 26, 2011 | SpiderLabs Anterior
Next week members of Trustwave's SpiderLabs team will be headed to Las Vegas to ...
TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain
July 25, 2011 | Josh Grunzweig
The SpiderLabs team at Trustwave published a new advisory today, which details ...
Advanced Topic of the Week: (Updated) Real-time Blacklist Lookups
July 19, 2011 | Ryan Barnett
Updated - the information in this blog has been updated to reflect the current ...
Announcing Release of ModSecurity v2.6.1
July 18, 2011 | Ryan Barnett
Availability of ModSecurity 2.6.1-RC1 Release (July 18, 2011) The ModSecurity ...
Spiders Are FUN!!! at DEF CON 19
July 15, 2011 | Zack Fasel
DEF CON's coming up soon (3 weeks to be exact), and there's a lot of excellent ...
(Updated) ModSecurity Advanced Topic of the Week: Mitigating Slow HTTP DoS Attacks
July 13, 2011 | Ryan Barnett
Update - the latest version of the ModSecurity 2.6 has a new directive called ...
Announcing Release of ModSecurity v2.6.1-RC1
June 30, 2011
Availability of ModSecurity 2.6.1-RC1 Release (June 30, 2011) The ModSecurity ...
Announcing the ModSecurity SQL Injection Challenge
June 22, 2011 | Ryan Barnett
The ModSecurity Project Team is happy to announce our first community hacking ...
TWSL2011-006: IBM Web Application Firewall Bypass
June 21, 2011
The SpiderLabs team at LevelBlue published a new advisory today, which details ...
ModSecurity Advanced Topic of the Week: Application Logout Response Actions
June 21, 2011 | Ryan Barnett
Application Defense Response Actions What is the best way to respond to ...
Patch the Vuln - Feathers - SQLi
June 20, 2011 | Ryan Barnett
Spot the Vuln -> Patch the Vuln SpotTheVuln This blog post series is ...
My Other Ride is Your Image Upload Script
June 13, 2011 | Dan Crowley
Many security issues are based upon mistaken assumptions. For instance, when ...
ModSecurity Advanced Topic of the Week: Unicode Mapping Support
June 07, 2011 | Ryan Barnett
ModSecurity Happy Hour at Blackhat USA 2011
June 06, 2011 | Ryan Barnett
I am excited to announce that SpiderLabs will be hosting a ModSecurity Happy ...
Announcing Release of OWASP ModSecurity Core Rule Set v2.2.0
May 26, 2011 | Ryan Barnett
The ModSecurity Development Team is pleased to announce the release of the ...
Analysis and Evolution of MacDefender OS X Fake AV Scareware
May 24, 2011 | Eric Monti
Over the last month, a new fake AV scareware variant has been circulating for ...
Announcing Release of ModSecurity v2.6.0
May 24, 2011
The ModSecurity Development Team is pleased to announce the availability of ...
National Cyber Safety Awareness Day is May 17th
May 17, 2011
We're taking a short break from our normal technical posts to write about ...
Analyzing Malware Hollow Processes
May 16, 2011
The Malware Analyst's Cookbook is a great book. In it the authors talked about ...
Latest Web Hacking Incident Database (WHID) Entries
May 16, 2011 | Ryan Barnett
These are the lastest entries added by SpiderLabs to the Web Application ...
Unicode Visual Spoofing for Good: Confusable CAPTCHAs
May 10, 2011 | Ryan Barnett
In this blog post, I will show a proof of concept method of leveraging Unicode ...
Latest Web Hacking Incident Database (WHID) Entries (1)
May 09, 2011 | Ryan Barnett
These are the lastest entries added by SpiderLabs to the Web Application ...
ModSecurity Advanced Topic of the Week: Passive Vulnerability Scanning Part 2 - Watcher Checks
May 03, 2011 | Ryan Barnett
In a previous blog post entitled "ModSecurity Advanced Topic of the Week: ...
Latest Web Hacking Incident Database (WHID) Entries(2)
May 02, 2011 | Ryan Barnett
These are the lastest entries added by SpiderLabs to the Web Application ...
Reaching Trustwave's WebDefend Minus World
April 27, 2011 | Ryan Barnett
So my inbox lit up today with a Full Disclosure note about a vulnerability in ...
Who's in the Driver's Seat?
April 26, 2011 | SpiderLabs Anterior
Events over the last seven days have dramatically underlined the pitfalls and ...
Detecting Malice with ModSecurity: Request Method Anomalies
April 26, 2011 | Ryan Barnett
This week's installment of Detecting Malice with ModSecurity will discuss how ...