Please excuse the cross-posting. I am scheduled to give a talk next month at Blackhat USA talking about real-world XSS attacks - http://www.blackhat.com/us-13/briefings.html#Wroblewski.
Greg and I are using a variety of data sources for analysis. As part of this effort, I would like to try and include some examples gathered from ModSecurity audit log data. So, if you have any ModSecurity audit logs where ModSecurity identified inbound XSS and an outbound anomaly related to the number of scripts present (see https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/master/experimental_rules/modsecurity_crs_55_response_profiling.conf), please contact me. What we would like to do is include some example rendered HTML with XSS PoC testing, etc.

Thanks for your help.

--
Ryan Barnett
Trustwave SpiderLabs
ModSecurity Project Leader
OWASP ModSecurity CRS Project Leader
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set