Attack patterns in database and more attack detection support
17 March 2016, 10:51
How it will be possible to add attack detection pattern added into database and more attack detection in database. It should be dynamic.
18 March 2016, 10:25
What patterns would you like to add? With what user input and query is SQL injection still possible?
18 March 2016, 12:16
I want to add patterns for XSS, SQLI, RFI, LFI, CSRF, Remote code execution and more for attack detection.
19 March 2016, 11:37
Hiawatha only has patterns for SQLi. The rest is detected in another way. What SQLi patters are missing according to you? How is SQLi still possible?
28 March 2016, 09:15
How i can write a common function for all types of attack pattern detection ?? So that i can add more attack patterns in hiawatha that will provide security to my websites. Currently you used init_sqli_detection, prevent_sqli, prevent_sqli_str etc. i wanna these common functions that will detect all types of attacks. so how i can change in code for that functionality.
28 March 2016, 15:55
Look in src/target.c wherr the calls to prevent_sqli() etc are. Extend there.
This topic has been closed.