Actually that's really easy to implement in Apache's mod_rewrite, look at External Program.
I did one a while back where I basically dumped Nikto into a precompiled regexp map - it does catch quite a bit, I also use that agains PIX syslog messages.
/JE
Justin Shin wrote:
i know there's a lot of stupid jokes about XSS vulns right now, but I was wondering if there is any firewall or IDS software that can look for suspicious GET requests ... ie.
GET /vulnerablewebapp/?<XSS SHZNIT>
I'm sure there's a program out there ... and I'm stupid, please don't kill me...
-- Justin Shin
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
