The Honeynet Project has released a new paper called “Know Your Enemy: Web Application Threats“. This paper describes the basics of a typical attack against web applications such as web mail, bulletin boards, and others. Many of the targeted applications appear to be based on PHP. I’m guessing this is due to the popularity of the language, as well as the frequent discovery of vulnerabilities – which may again be due to its popularity. The Honeynet Project presents some unique trends and characteristics of web application attacks in “the wild” that they’ve been able to capture. In addition to all the data, they describe their research methods – for those of us who like to know how it’s done.
Related posts:
