-
@quenenni commented on [Wed Jun 21 2017](https://github.com/SpiderLabs/ModSecurity/issues/1469)
Debian Jessie
libapache2-modsecurity v2.8.0-3
CRS v3.0.2
---------------------------------------…
-
### Description
I've encountered some shell false positives for 932260 (PL1) , 932236 and 932239 (PL2) for commands like sudo, df, fd, and grc.
Some of these I'm obviously familiar with, but…
-
Those who have "advanced capabilities" could be able to distribute recommended countermeasures (CM) (adding technical details to the suggested COAs).
This could be possible, for example, with a simple…
-
### Description
In version 4.6.0, rule 932270 seems a little too aggressive on the tilde + number matches. For example, "~20 minutes" triggers a false positive. I wonder if `https://github.com/core…
-
## Problem to Solve
When adding a new TTP from the knowledge space of a report, it is nowhere visible to which matrice the TTP belongs to (such as MITRE Entreprise or MITRE Mobile, or any other mat…
-
We only need the POST endpoints and the version endpoint (not object version)
We will still use these to link to CVEs, but don't need to maintain an extensive list of endpoints for user to search and…
-
STIX has three types for creating and referencing kill chains and kill chain phases:
- `KillChainType`
- `KillChainPhaseType`
- `KillChainPhaseReferenceType`
`KillChainType` is used to define kill ch…
-
## Description
**Maximum recursion depth exceeded while calling a Python object**
Related: #267
```
INFO:root:Listing Threat-Actors with filters null.
INFO:root:Listing Threat-Actors with fi…
-
In DeliveryDrone.aadl:
```
actuation: system Actuation
{
-- VERDICT Component Properties
CASE_Consolidated_Properties::componentType => Hardware;
CASE_Consolidated_Properties::…
-
# WhiteSource SAST Security Report for SQL Injection (CWE 89)
**Latest Scan:** 2022-03-02 07:30pm
**New Vulnerabilities:** 1
**Total Vulnerabilities:** 2
**Scan URL:** [WhiteSource SAST](https:/…