Website Security

Fingerprinting web applications

This paper describes a technique to remotely detect the version (fingerprint) of a web application. We cover WordPress, Mediawiki and Joomla in the article, but it can be easily extended to other applications.

At the end, we also give you a live tool to fingerprint any site to see if we can give the right version.

Link:
http://sucuri.net/?page=docs&title;=fingerprinting-web-apps

David Dede

David is a Security Researcher at Sucuri. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.

How to Improve Website Resilience for DDoS Attacks – Part I

Northon Torga
June 12, 2018

Denial of Service (Dos) and Distributed Denial of Service (DDoS) attacks are unforgiving. They test the limits of your web server and application resources by sending…

Read the Post

What is FTP? Why use it to clean hacked websites?

Juliana Lewis
May 18, 2020

The File Transfer Protocol (FTP) is a network protocol used to transfer files between a client server and a network. In other words, it is…

Read the Post

New Wave of AnonymousFox Cron Jobs

Ben Martin
March 30, 2022

Recently our Remediation and Research teams have noticed a new wave of malicious cron jobs associated with the notorious AnonymousFox malware. The cron jobs are…

Read the Post

Ask Sucuri: What is an XSS Vulnerability?

Rodolfo Assis
April 20, 2016

Question: What is an XSS vulnerability? Should I be concerned about an XSS vulnerability? XSS (short for Cross-Site Scripting) is a widespread vulnerability that affects…

Read the Post

How to Add Security to Your Client’s Websites

Juliana Lewis
February 5, 2018

Website security has crossed the mind of nearly every website owner. However, as a website security company, we know that most webmasters come to us…

Read the Post

Spam content injection

Samuel Odendaal
February 21, 2017

During a recent incident response investigation, we detected an infected website loading spam content from another location. The malware was responsible for fetching the spam…

Read the Post

SSL vs. Website Security

Gerson Ruiz
September 25, 2018

Having a website today is way easier than it was 10 or 15 years ago. Tools like content management systems (CMS), website builders, static site…

Read the Post

Most Interesting Vulnerabilities of 2021

Ashley Sand
December 27, 2021

As with most years, there’s been a wide array of critical vulnerabilities found within content management systems, plugins, API keys, etc. We’ll be recapping our…

Read the Post