alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORT (msg: "[WEB-ATTACKS] Vega Web Application Scan"; content: "User-Agent"; content: "Vega"; parse_src_ip: 1; parse_dst_ip: 2; reference:url,www.subgraph.com/products.html; reference:url,www.darknet.org.uk/2011/07/vega-open-source-cross-platform-web-application-security-assessment-platform/; flowbits: set, recon, 86400; classtype:attempted-recon; sid:5001843; rev:2;)

-- Main.Sagan-Wiki-Add - 2015-10-21

New revisions of 5001843 will be below...

alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORT (msg: "[WEB-ATTACKS] Vega Web Application Scan"; content: !"Vegas"; content: "Vega"; content: "User-Agent"; parse_src_ip: 1; parse_dst_ip: 2; reference:url,www.subgraph.com/products.html; reference:url,www.darknet.org.uk/2011/07/vega-open-source-cross-platform-web-application-security-assessment-platform/; flowbits: set, recon, 86400; classtype:attempted-recon; sid:5001843; rev:3;)

-- Main.Sagan-Wiki-Add - 2016-11-7

Topic revision: r1 - 2015-10-21 - Sagan-Wiki-Add
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2017 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback