security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
da54e89f3045fdf23daa2dbdfd712aceb393ae90
blue-team-tools/rules/application/appframework_spring_exceptions.yml
T

25 lines
731 B
YAML
Raw Normal View History

fix: fixed casing and long rule titles
2020-01-30 17:26:09 +01:00
title: Spring Framework Exceptions
Added UUIDs to rules
2019-11-12 23:12:27 +01:00
id: ae48ab93-45f7-4051-9dfe-5d30a3f78e33
Spring framework security exceptions rule
2017-08-06 23:21:53 +02:00
description: Detects suspicious Spring framework exceptions that could indicate exploitation attempts
author: Thomas Patzke
fix: fixed missing date fields in other files
2020-01-30 15:32:39 +01:00
date: 2017/08/06
Change "reference" to "references" to match new schema
2018-01-28 02:12:19 +03:00
references:
Spring framework security exceptions rule
2017-08-06 23:21:53 +02:00
- https://docs.spring.io/spring-security/site/docs/current/apidocs/overview-tree.html
logsource:
Application security rules
2017-08-12 00:43:10 +02:00
category: application
Spring framework security exceptions rule
2017-08-06 23:21:53 +02:00
product: spring
detection:
keywords:
- AccessDeniedException
- CsrfException
- InvalidCsrfTokenException
- MissingCsrfTokenException
- CookieTheftException
- InvalidCookieException
- RequestRejectedException
condition: keywords
falsepositives:
- Application bugs
- Penetration testing
level: medium
Reference in New Issue Copy Permalink