« Adobe yanks speech exposing critical 'clickjacking' vulns | Main | Off Topic: Hackers claim break-in to Palin's e-mail account »

Tools: Scalp - Apache log analyzer for security

Romain Gaucher posted the following email to The Web Security Mailing List today announcing a handy tool he authored.

"I remember reading here a couple of emails about how to analyze the
apache log in order to look for potential attacks.
Since I needed to do exactly the same few times ago, I did a simple
python script that does this using PHP-IDS' regular expression.

So you can find it here:

It includes a couple of options in order to accelerate the scan of the
files, such as specifying the time frame, the type of attack etc. It
produces basic output (HTML, XML or TEXT)."


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!

loool the tool detects this "/application/view.php?appli=189%20union%20select%20all%20from%20utilisateurs%20--" as an XSS attack... seriously!!