Collaborate Disseminate
I have very little experience with security (still learning) however was combing through my logs and I noticed the following request:
“GET /index.php?s=/index/\\think\\app/invokefunction&function=call_user_func_array&… Continue reading How to prevent users from executing commands through browser URL?
I wish to implement logging and auditing features on a Windows 10 client used for carrying out secure transactions through our FTP server, with a client organisation.
What all features could I select in the Windows’ auditin… Continue reading Monitoring of Logging
How do I detect brute force attack is attempted in my web application either for user login or admin login hosted in apache server.
Continue reading Brute force attack detection mechanism from apache access_log files [on hold]
I have integrated my windows servers with qradar siem using sysmon to monitor log activities. I would like to do the same with linux servers. is there any utility like sysmon i can use?
There are various methods to find attack patterns for different types of attacks. Apache-scalp is one such tool, but the rule set is not available to find the brute-force attack pattern via regular expression. I would love to know the diff… Continue reading What are the common features to identify Brute-Force attack from Apache log file?
is there any tools that I give it web server log (like Apache web server) and analyze it if there was any attack or not?
I don’t want to use SIEM.
I made a script that reads the log file of the modsec 3 module in apache.
It sends an email every 5 minutes with new triggers. I discovered that it is also possible to execute a script (e.g. send email) on a rule trigger (lin… Continue reading mod security rule to send email on every trigger
I am new here in security.
I want to identify suspicious users on web application by analyzing web access log file. For this, I am considering CSRF attack.
For this purpose, I am generating some heuristic (possible) rules f… Continue reading Heuristics to Identify CSRF from Web Access Log File
I have tried CSRF attack on web vulnerability application known as DVWA at my localhost and on kali linux OS. I have changed password on this application by using CSRF. It has collected following log entries in access log.
1… Continue reading What are the common features to identify CSRF attack from Apache log file?
As a beginner in security research project, I came across log injection and my question is itself about log injection files.
Are log injection files executable, if no, how do they execute/run malicious code/files uploaded on… Continue reading Are log files executable files?