Blog

CRS Project News December 2017

This is the CRS newsletter covering the period from Early November until today. We held our monthly community chat. We had quite a few people stop by. Special thanks to lifeforms for leading the chat. lifeforms emphazer franbuehler spartantri fzipi hamlet_ Our agenda from before the chat is available here. We had a short chat, …

CRS Project News December 2017Read More »

Disassembling SQLi Rules

Introduction I would like to explain my work disassembling highly optimized regular expressions. A project like this might discourage many people, but to me, it is very exciting work! I like this kind of investigative work and want to explain what, exactly, I did, why I did it and how! What’s the problem? The SQLi …

Disassembling SQLi RulesRead More »

CRS Project News November

This is the CRS newsletter covering the period from Early October until today. We held our monthly community chat. We had quite a few people stop by. Special thanks to our active participants: dune73 fzipi csanders franbuehler emphazer spartantri luketheduke techair jose_ airween athmane bostrt During the chat we discussed the following Promotion of 3 …

CRS Project News NovemberRead More »

CRS Project News October 2017

This is the CRS newsletter covering the period from Early September until today. We held our monthly community chat. We had quite a few people stop by. Special thanks to our active participants: dune73 fzipi csanders franbuehler lifeforms emphazer fgs squared spartantri ossie buddyleer During the chat we discussed the following We will be moving …

CRS Project News October 2017Read More »

OptionsBleed Defenses

This week we saw the release of another named vulnerability (-_-). This time it was entitled: Optionsbleed. While the name provided is meant in reference to Heartbleed, this vulnerability isn’t nearly as far reaching. The vulnerability only affected Apache hosts with a very particular configuration and as a result only 0.0466% of the Alexa top …

OptionsBleed DefensesRead More »