Skip to content

Instantly share code, notes, and snippets.

/naxsi - stats
Created Apr 14, 2014

Embed
What would you like to do?
# 30-days - Naxsi-Stats (3 sensors, 10 domains)
# 2014-04-14
count | id | message
------+----------+-----------------------------
1880 1000 sql keywords
1721 1200 double dot
1646 1202 obvious probe
1420 10 10
1332 1310 [, possible js
1332 1311 ], possible js
1229 42000030 DN WEB_SERVER /proc/self - Access in URI
1028 42000316 DN SCAN WinHttpRequest - UA
1000 1100 http:// scheme
773 1001 double quote
746 1002 0x, possible hex encoding
741 1007 mysql comment (--)
739 1013 simple quote
655 1205 backslash
598 1016 mysql comment (#)
582 42000244 DN SCAN PHPMyAdmin - Scanner (2)
431 1303 html close tag
420 42000170 DN SCAN Scanner sqlmap
404 42000062 DN WEB_SERVER Generic JOOMLA-Exploit-Attempt (option=com_)
394 42000309 DN SCAN Misformed Proxy-Scan
379 1302 html open tag
291 42000261 DN WEB_SERVER possible WP-Scan (wp-login)
179 1009 equal in var, probable sql/xss
153 1314 grave accent !
148 42000313 DN SCAN Joomlas Administrator-Login-Attempt
131 42000317 DN SCAN Wordpress-UA, probably Botnet-Attack
112 12 12
97 42000262 DN WEB_SERVER possible WP-Scan (wp-admin)
94 11 11
76 42000310 DN SCAN Abnormal double http:// in HTTP header,
71 42000243 DN SCAN PHPMyAdmin - Scanner
64 1006 mysql keyword (&&)
60 42000047 DN WEB_SERVER PHPMyAdmin - Scripts/Setup-Request
60 42000071 DN WEB_APPS PHPMYADMIN setup.php - Access
56 1312 ~ character
44 42000311 DN SCAN poss. malicious Scanner using Fake UA Apache/Synapse
31 42000254 DN WEB_SERVER possible INI - File - Access
30 42000227 DN SCAN Scanner ZmEu exploit scanner
30 42000285 DN WEB_SERVER Joomla JCE-Exploit-Scan
28 1402 Content is neither mulipart/x-www-form..
26 1003 mysql comment (/*)
26 42000305 DN SCAN Possible HNAP-Exploit-Attempt
25 2 2
22 42000021 DN WEB_SERVER Tilde in URI, potential .php source disclosure vulnerability
22 42000271 DN WEB_SERVER ForumSpammer Access
22 42000319 DN SCAN Possible WHMCS - Scan
21 42000181 DN SCAN Scanner webster pro
20 42000128 DN SCAN Nessus-Scanner detected
19 1315 double encoding !
19 42000048 DN WEB_SERVER PHPINFO - in URL
18 1103 php:// scheme
17 14 14
13 42000203 DN SCAN Scanner Paros Proxy Scanner
13 42000321 DN SCAN probably Malicous UA
12 42000077 DN WEB_SERVER LIBWWW_perl-UA detected
12 42000307 DN SCAN WP-Contents/Plugins Access
8 42000082 DN WEB_SERVER Tomcat - Manager - Access
8 42000253 DN WEB_SERVER possible INC - File - Access
7 42000046 DN SCAN DFind w00tw00t GET-Requests
7 42000052 DN WEB_SERVER SVN_Repo-Access
7 42000070 DN WEB_SERVER possible sql-injection (CAST())
7 42000236 DN WEB_SERVER DoubleDot in URL
7 42000263 DN WEB_SERVER .htaccess - Access
6 1004 mysql comment (*/)
5 1010 parenthesis, probable sql/xss
5 42000002 DN APP_SERVER PHP-file-access
5 42000076 DN SCAN VTI_BIN - Access
4 42000054 DN WEB_SERVER HEX_string found
4 42000068 DN WEB_SERVER JAR - Download Request
4 42000156 DN SCAN Scanner safexplorer
3 42000003 DN APP_SERVER ASP_file access
3 42000043 DN SCAN WhatWeb Web Application Fingerprint Scanner Default User-Agent Detected
3 42000073 DN SCAN Python-urllib UA, possible Scanner
3 42000127 DN SCAN Scanner Amiga-Aweb
3 42000151 DN SCAN Scanner whatweb
2 1005 mysql keyword (|)
2 1101 https:// scheme
2 42000053 DN WEB_SERVER GIT_Repo-Access
2 42000079 DN WEB_SERVER VTI_RPC - Access
2 42000080 DN WEB_SERVER Apache ServerStatus - Access
2 42000145 DN SCAN Scanner morfeus
2 42000265 DN WEB_SERVER Plesk Apache Zeroday Remote Exploit - possible scan
2 42000306 DN SCAN Morfeus - F*cking-Scanner
1 1400 utf7/8 encoding
1 42000031 DN SCAN Muieblackcat scanner
1 42000032 DN WEB_SERVER PHP-EVAL - Attempt
1 42000049 DN WEB_SERVER PHP_SYSTEM_CMD
1 42000226 DN SCAN Scanner WITOOL SQL Injection Scan
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.