Who can check private locked information on my phone with wifi
Im just curious on private locked information on my phone if i use a house wifi for a while
Continue reading Who can check private locked information on my phone with wifi
Collaborate Disseminate
Im just curious on private locked information on my phone if i use a house wifi for a while
Continue reading Who can check private locked information on my phone with wifi
I can find some old snort to mod_security posts here or there, but this is more for a Netscaler that will use SNORT.
Any advice or thoughts?
Seems this was edited: I can’t seem to find a tool to convert mod_servurity rules … Continue reading Convert Mod_security to Snort
Im trying to build RAT to test on my computer. I use ngrok for hacking on WAN. But ngrok has a problem of changing its subdomain once the connection is reset. So, I cant use ngrok for hacking over WAN. I tried using ngrok sub… Continue reading Any Alternative to Ngrok for constant Connection?
For a demo purpose i need to install a vulnerable application and i tried using XAMP server but it opens up many ports and not safe to use it. so please recommend a server to launch a vulnerable demo application in an sophist… Continue reading what type of server is best for launching a vulnerable application on an Organization network?
Working on a rule to block traffic based on the starting character of ARGS_NAMES either cookie, get or post
Example allow
name=Joe
Example block
#name=Joe
Test rule that is not working
SecRule ARGS_NAMES “^(#.*)$” “p… Continue reading ModSecurity Block based on ARGS_NAMES starting character
I’m looking to build up some stats and tune my detection rules for my webservers. I’m struggling with one major issue, though. How can I run my ModSecurity rules against past requests based on my access/error logs?
An other … Continue reading How to test ModSecurity rules against access/error logs?
I have some troubles whenever i request to a .js file via burp it returns me 304 Not Modified.
Anything to resolve this problem?
thanks
Continue reading Requesting JS file returns 304 Not Modified
Can the software ModSecurity defend from Brute Force Attacks on PHPmyadmin and WordPress as well?
A particular hosting company providing shared hosting told me that ModSecurity should cover PHPmyadmin and WordPress as well a… Continue reading Can ModSecurity defend from Brute Force Attacks on PHPmyadmin and WordPress as well?
In my modsecurity auditlog there is a binary file logged as text:
How can I prevent modsecurity from bloating my logfiles with the content of binary files like that?
Continue reading How can I prevent modsecurity from logging binary data
I am tripping mod_security on apache when outlook365 client on a laptop runs autodiscover.. Win10 os. ModSecurity thinks its an SQL injection.. “Detects basic SQL authentication bypass attempts”.
Is there a known issue with… Continue reading outlook client autodiscover SQL Injection