Generic Attack Detection - ph-Neutral 0x7d8

2 likes1,563 views

Mario Heiderich presents on generic attack detection using PHPIDS. PHPIDS uses 70 regex rules to detect attacks like XSS and SQLi by analyzing user input. It first normalizes the input, then detects patterns through a conversion and detection process, and can log or report any findings. PHPIDS aims to avoid blacklisting traps through this generic approach. Future work may include optimizing existing detection routines and adding more granular analysis techniques.

Business Technology

Generic Attack Detection - ph-Neutral 0x7d8

More Related Content

What's hot (20)

PDF

Locking the Throneroom 2.0Mario Heiderich

PDF

The Ultimate IDS SmackdownMario Heiderich

PDF

I thought you were my friend - Malicious MarkupMario Heiderich

PDF

Dev and Blind - Attacking the weakest Link in IT SecurityMario Heiderich

PDF

Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...Mario Heiderich

PDF

The Future of Web Attacks - CONFidence 2010Mario Heiderich

PDF

A XSSmas carolcgvwzq

PDF

ECMAScript 6 from an Attacker's Perspective - Breaking Frameworks, Sandboxes,...Mario Heiderich

PDF

Breaking AngularJS Javascript sandboxMathias Karlsson

PPTX

An overview of node.jsvaluebound

PDF

Building Advanced XSS VectorsRodolfo Assis (Brute)

PDF

Trusted Types @ W3C TPAC 2018Krzysztof Kotowicz

PDF

Trusted Types and the end of DOM XSSKrzysztof Kotowicz

PPTX

Hacking - Breaking Into ItCTruncer

PDF

Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)Krzysztof Kotowicz

PDF

Automated JavaScript Deobfuscation - PacSec 2007Stephan Chenette

PDF

Bringing Down the House - How One Python Script Ruled Over AntiVirusCTruncer

PDF

The Supporting Role of Antivirus Evasion while PersistingCTruncer

PDF

Clean CodeISchwarz23

PDF

Ruxmon cve 2012-2661snyff

Locking the Throneroom 2.0Mario Heiderich

The Ultimate IDS SmackdownMario Heiderich

I thought you were my friend - Malicious MarkupMario Heiderich

Dev and Blind - Attacking the weakest Link in IT SecurityMario Heiderich

Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...Mario Heiderich

The Future of Web Attacks - CONFidence 2010Mario Heiderich

A XSSmas carolcgvwzq

ECMAScript 6 from an Attacker's Perspective - Breaking Frameworks, Sandboxes,...Mario Heiderich

Breaking AngularJS Javascript sandboxMathias Karlsson

An overview of node.jsvaluebound

Building Advanced XSS VectorsRodolfo Assis (Brute)

Trusted Types @ W3C TPAC 2018Krzysztof Kotowicz

Trusted Types and the end of DOM XSSKrzysztof Kotowicz

Hacking - Breaking Into ItCTruncer

Trusted Types - Securing the DOM from the bottom up (JSNation Amsterdam)Krzysztof Kotowicz

Automated JavaScript Deobfuscation - PacSec 2007Stephan Chenette

Bringing Down the House - How One Python Script Ruled Over AntiVirusCTruncer

The Supporting Role of Antivirus Evasion while PersistingCTruncer

Clean CodeISchwarz23

Ruxmon cve 2012-2661snyff

Similar to Generic Attack Detection - ph-Neutral 0x7d8 (20)

PDF

OWASP PHPIDS talk slidesguestd34230

PPT

Php Security By Mugdha And AnishOSSCube

PDF

Secure PHP CodingNarudom Roongsiriwong, CISSP

PDF

Whatever it takes - Fixing SQLIA and XSS in the processguest3379bd

PDF

Php Securityguest7cf35c

PDF

17726 bypassing-phpids-0.6.5Attaporn Ninsuwan

PPTX

Secure Coding Shubham Sharma

PDF

Intro to Php SecurityDave Ross

PDF

How not to suck at Cyber SecurityChris Watts

PDF

2 Roads to Redemption - Thoughts on XSS and SQLIAguestfdcb8a

PDF

API Upload Testdecatv

PDF

API Upload Testdecatv

PDF

API Upload Testdecatv

PDF

API Upload Testdecatv

PDF

API Upload Testdecatv

PDF

API Upload Testdecatv

PDF

API Upload Testdecatv

PDF

API Upload Testdecatv

PDF

API Upload Testdecatv

PDF

API Upload Testdecatv

OWASP PHPIDS talk slidesguestd34230

Php Security By Mugdha And AnishOSSCube

Secure PHP CodingNarudom Roongsiriwong, CISSP

Whatever it takes - Fixing SQLIA and XSS in the processguest3379bd

Php Securityguest7cf35c

17726 bypassing-phpids-0.6.5Attaporn Ninsuwan

Secure Coding Shubham Sharma

Intro to Php SecurityDave Ross

How not to suck at Cyber SecurityChris Watts

2 Roads to Redemption - Thoughts on XSS and SQLIAguestfdcb8a

API Upload Testdecatv

Recently uploaded (20)

PDF

Buy Boys Long Sleeve T-shirts at Port 213Port 213

PPTX

Washington University of Health and Science A Choice You Can TrustWashington University of Health and Science

PPTX

Why-Your-BPO-Startup-Must-Track-Attrition-from-Day-One.pptx.pptxOrage technologies

PDF

Securiport - A Global LeaderSecuriport

PDF

SUMMER SAFETY FLYER SPECIAL Q3 - 16 PagesOne Source Industrial Supplies

PDF

David Badaro Explains 5 Steps to Solving Complex Business IssuesDavid Badaro

PDF

NewBase 07 July 2025 Energy News issue - 1800 by Khaled Al Awadi_compressed.pdfKhaled Al Awadi

PPTX

epi editorial commitee meeting presentationMIPLM

PDF

Raman Bhaumik - A Passion For ServiceRaman Bhaumik

PDF

LEWIONICS SCO Company Profile UAE JULY 2025Natalie Lewes

PDF

LDM Recording for Yogi Goddess Projects Summer 2025LDMMia GrandMaster

PPTX

Hackathon - Technology - Idea Submission Template -HackerEarth.pptxnanster236

PDF

Native Sons Of The Golden West - Boasts A Legacy Of Impactful LeadershipNative Sons of the Golden West

PDF

Dr. Enrique Segura Ense Group - A Philanthropist And EntrepreneurDr. Enrique Segura Ense Group

DOCX

TCP Communication Flag Txzczczxcxzzxypes.docxesso24

PDF

Connecting Startups to Strategic Global VC Opportunities.pdfGoogle

PDF

CBV - GST Collection Report V16. pdf.writer28

PDF

kcb-group-plc-2024-integrated-report-and-financial-statements (3).pdfDanielNdegwa10

PDF

Azumah Resources reaffirms commitment to Ghana amid dispute with Engineers & ...Kweku Zurek

PDF

20250703_A. Stotz All Weather Strategy - Performance review JulyFINNOMENAMarketing

Buy Boys Long Sleeve T-shirts at Port 213Port 213

Washington University of Health and Science A Choice You Can TrustWashington University of Health and Science

Why-Your-BPO-Startup-Must-Track-Attrition-from-Day-One.pptx.pptxOrage technologies

Securiport - A Global LeaderSecuriport

SUMMER SAFETY FLYER SPECIAL Q3 - 16 PagesOne Source Industrial Supplies

David Badaro Explains 5 Steps to Solving Complex Business IssuesDavid Badaro

NewBase 07 July 2025 Energy News issue - 1800 by Khaled Al Awadi_compressed.pdfKhaled Al Awadi

epi editorial commitee meeting presentationMIPLM

Raman Bhaumik - A Passion For ServiceRaman Bhaumik

LEWIONICS SCO Company Profile UAE JULY 2025Natalie Lewes

LDM Recording for Yogi Goddess Projects Summer 2025LDMMia GrandMaster

Hackathon - Technology - Idea Submission Template -HackerEarth.pptxnanster236

Native Sons Of The Golden West - Boasts A Legacy Of Impactful LeadershipNative Sons of the Golden West

Dr. Enrique Segura Ense Group - A Philanthropist And EntrepreneurDr. Enrique Segura Ense Group

TCP Communication Flag Txzczczxcxzzxypes.docxesso24

Connecting Startups to Strategic Global VC Opportunities.pdfGoogle

CBV - GST Collection Report V16. pdf.writer28

kcb-group-plc-2024-integrated-report-and-financial-statements (3).pdfDanielNdegwa10

Azumah Resources reaffirms commitment to Ghana amid dispute with Engineers & ...Kweku Zurek

20250703_A. Stotz All Weather Strategy - Performance review JulyFINNOMENAMarketing