Thread-topic: FYI: Know your Enemy: Web Application Threats
> -----Original Message-----
> From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
> [mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf
> Of Gadi Evron
> Sent: Sunday, February 25, 2007 11:29 AM
> To: bugtraq@xxxxxxxxxxxxxxxxx
> Cc: php-wars@xxxxxxxxxxxxxxxxxxxxxx; full-disclosure@xxxxxxxxxxxxxxxxx
> Subject: [Full-disclosure] Know your Enemy: Web Application Threats
>
> Jamie Riden, Ryan McGeehan, Brian Engert and Michael Mueter
> just released
> an Honeynet paper on Web security called: Know your Enemy: Web
> Application Threats
>
> You can find their paper here:
>
>
> The paper is very good, and deals with all kinds of web
> threats such as
> SQL Injection and XSS. Of most interest to me were the Code
> Injection and
> Remote Code-Inclusion due to my own research in that field.
> The Honeynet paper deals with many issues other than these, and
> is most definitely recommended reading.
>
> Jamie Riden has written a paper on web honey pots in the
> past. These guys
> know what they are talking about.
>
> Gadi.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> Hosted and sponsored by Secunia -
>
