The Honeynet ProjectThe Honeynet Project

  • Old Homepage

Navigation

  • About us
  • Blogs
    • Honeynet Project Blog
  • Funding/Donations
  • Challenges
  • Chapters
  • Papers
  • Projects
  • Code of Conduct
  • Google SoC
    • Google SoC 2013
    • Google SoC 2012
    • Google SoC 2011
    • Google SoC 2010
    • Google SoC 2009
  • GSoC
  • Latest images
  • Security Workshops
    • 2011 - Paris
    • 2012 - SF Bay Area
    • 2013 - Dubai

Internal

  • Login
Home

Know your Enemy: Web Application Threats

Mon, 08/04/2008 - 20:43 — jamie.riden

Using Honeypots to learn about HTTP-based attacks
Primary Authors
Jamie Riden, New Zealand Honeynet Project
Ryan McGeehan, Chicago Honeynet Project
Brian Engert, Chicago Honeynet Project
Michael Mueter, German Honeynet Project

  • Introduction
  • Why Web applications are at High Risk
  • Fundamentals of an Attack
  • Trends in Discovery Techniques
  • Exploitation Trends
  • Trends in Evasion and Anonymity
  • Current Research Methods
  • Protecting Web Servers
  • Conclusions
  • Future Work
  • References
  • Credits
  • Appendix A - Examples
  • Appendix B - c99.php utility
  • Appendix C - Sample code from a Perl bot
  • Appendix D - Individual Graphs of PHP Honeypot Attacks
  • Appendix E - Author Biographies
  • Reviewers
Introduction ›
  • Printer-friendly version

Aggregated Blog

We are a 501c3 non-profit, all volunteer organization. Consider donating to support our forensic challenges, tools development, and research.





Papers

  • Introduction
  • Why Web applications are at High Risk
  • Fundamentals of an Attack
  • Trends in Discovery Techniques
  • Exploitation Trends
  • Trends in Evasion and Anonymity
  • Current Research Methods
  • Protecting Web Servers
  • Conclusions
  • Future Work
  • References
  • Credits
  • Appendix A - Examples
  • Appendix B - c99.php utility
  • Appendix C - Sample code from a Perl bot
  • Appendix D - Individual Graphs of PHP Honeypot Attacks
  • Appendix E - Author Biographies
  • Reviewers