<?xml version="1.0" encoding="UTF-8"?><!-- generator="wordpress.com" -->
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	>

<channel>
	<title>ataques-web « WordPress.com Tag Feed</title>
	<link>http://en.wordpress.com/tag/ataques-web/</link>
	<description>Feed of posts on WordPress.com tagged "ataques-web"</description>
	<pubDate>Sat, 26 Dec 2009 20:48:15 +0000</pubDate>

	<generator>http://en.wordpress.com/tags/</generator>
	<language>en</language>

<item>
<title><![CDATA[Detecting attacks on Web applications]]></title>
<link>http://snnangola.wordpress.com/2008/02/06/detectando-ataques-em-aplicacoes-web/</link>
<pubDate>Wed, 06 Feb 2008 20:26:55 +0000</pubDate>
<dc:creator>snnangola</dc:creator>
<guid>http://snnangola.wordpress.com/2008/02/06/detectando-ataques-em-aplicacoes-web/</guid>
<description><![CDATA[  I received a link from the Owasp-Brasilian list to the document &#8216;Detecting Attacks on Web Applicati]]></description>
<content:encoded><![CDATA[<div class='snap_preview'><p align="center"> <img src="http://conference.auscert.org.au/conf2007/images/sponsor_logos/owasplogo-test.jpg" align="middle" height="168" width="170" /></p>
<p>I received a link from the <a href="https://lists.owasp.org/mailman/listinfo/owasp-brazilian">Owasp-Brasilian</a> list to the <a href="http://www.sans.org/reading_room/whitepapers/logging/2074.php">document</a> &#8216;Detecting Attacks on Web Applications from Log Files&#8217;. The following topics are covered:</p>
<pre><tt><tt>1 Abstract
2 Introduction
3 Attacks on Web Applications
3.1 Web server log files
3.2 Primer on HTTP
3.2.1 HTTP Evasion Techniques
3.3 Regular Expressions (Regex)
4 Detecting Attacks
4.1 Rule-based Detection (static rules)
4.1.1 Negative Security Model
4.1.2 Positive Security Model
4.2 Anomaly-based Detection (dynamic rules)
4.3 Detecting the OWASP Top Ten 2007
4.3.1 A1 Cross Site Scripting (XSS)
4.3.2 A2 Injection Flaws
4.3.3 A3 Malicious File Execution
4.3.4 A4 Insecure Direct Object Reference
4.3.5 A5 Cross Site Request Forgery (CSRF)
4.3.6 A6 Information Leakage and Improper Error Handling
4.3.7 A7 Broken Authentication and Session Management
4.3.8 A8 Insecure Cryptographic Storage
4.3.9 A9 Insecure Communications
4.3.10 A10 Failure to Restrict URL Access
5 Conclusion
6 References</tt></tt></pre>
</div>]]></content:encoded>
</item>

</channel>
</rss>
