ShareWhite Papers
| Selected Tag: Web Application Attacks | Show All | |
 
|
NEW: Anatomy of an XSS CampaignThe Imperva Application Defense Center (ADC) observed the full anatomy of a cross-site scripting (XSS) campaign, showing why it's so easy to conduct a muscular phishing campaign in just under an hour. Tags: Web Application Security, Threats, Web Application Attacks, Cross-Site Scripting, XSS |
|
Blame it on the Media(Bot) -- Using Google Advertising Mechanism for Web Application AttacksThe research summarized in this paper is aimed at demonstrating how search engines can be manipulated to serve as attack tools. We were able to show that the AdWords and AdSense services from Google can indeed be used to launch attacks against unsuspecting web applications. Attacks types we were able to demonstrate include buffer overflows, SQL injections and CSRFs. Tags: ADC, Google Hacking, Web Application Attacks, Buffer Overflow, SQL Injection, CSRF, Web Application Security |
|
Blindfolded SQL InjectionUntil today, exploiting SQL server injection attacks depended on having the Web Server return detailed error messages or having any other source of information. As a result, many security administrators suppressed these error messages, assuming this would protect them from SQL server injection exploitation. This white paper shows, however, that suppressing the error messages does not provide real protection. Imperva ADC research reveals a set of techniques that can be easily used to bypass error suppression, making it clear that more substantial measures must be taken against SQL server injection attacks. Tags: ADC, SQL Injection, Blindfolded SQL Injection, Web Application Attacks, Web Application Security |
|
SecureSphere and OWASP 2010 Top Ten Most Critical Web Application Security RisksThe Open Web Application Security Project (OWASP) Top Ten is widely recognized as one of the leading standards for identifying critical web application security risks. This paper analyzes the latest 2010 release of the OWASP Top Ten most critical web application security risks and outlines how SecureSphere Web Application Firewall (WAF) addresses and mitigates each OWASP Top Ten threat. Tags: Web Application Security, Threats, Web Application Attacks, OWASP |
| Selected Tag: Web Application Attacks | Show All | |