Create a gist now

Instantly share code, notes, and snippets.

anonymous /naxsi - stats
Created Apr 14, 2014

What would you like to do?
# 30-days - Naxsi-Stats (3 sensors, 10 domains)
# 2014-04-14
count | id | message
------+----------+-----------------------------
1880 1000 sql keywords
1721 1200 double dot
1646 1202 obvious probe
1420 10 10
1332 1310 [, possible js
1332 1311 ], possible js
1229 42000030 DN WEB_SERVER /proc/self - Access in URI
1028 42000316 DN SCAN WinHttpRequest - UA
1000 1100 http:// scheme
773 1001 double quote
746 1002 0x, possible hex encoding
741 1007 mysql comment (--)
739 1013 simple quote
655 1205 backslash
598 1016 mysql comment (#)
582 42000244 DN SCAN PHPMyAdmin - Scanner (2)
431 1303 html close tag
420 42000170 DN SCAN Scanner sqlmap
404 42000062 DN WEB_SERVER Generic JOOMLA-Exploit-Attempt (option=com_)
394 42000309 DN SCAN Misformed Proxy-Scan
379 1302 html open tag
291 42000261 DN WEB_SERVER possible WP-Scan (wp-login)
179 1009 equal in var, probable sql/xss
153 1314 grave accent !
148 42000313 DN SCAN Joomlas Administrator-Login-Attempt
131 42000317 DN SCAN Wordpress-UA, probably Botnet-Attack
112 12 12
97 42000262 DN WEB_SERVER possible WP-Scan (wp-admin)
94 11 11
76 42000310 DN SCAN Abnormal double http:// in HTTP header,
71 42000243 DN SCAN PHPMyAdmin - Scanner
64 1006 mysql keyword (&&)
60 42000047 DN WEB_SERVER PHPMyAdmin - Scripts/Setup-Request
60 42000071 DN WEB_APPS PHPMYADMIN setup.php - Access
56 1312 ~ character
44 42000311 DN SCAN poss. malicious Scanner using Fake UA Apache/Synapse
31 42000254 DN WEB_SERVER possible INI - File - Access
30 42000227 DN SCAN Scanner ZmEu exploit scanner
30 42000285 DN WEB_SERVER Joomla JCE-Exploit-Scan
28 1402 Content is neither mulipart/x-www-form..
26 1003 mysql comment (/*)
26 42000305 DN SCAN Possible HNAP-Exploit-Attempt
25 2 2
22 42000021 DN WEB_SERVER Tilde in URI, potential .php source disclosure vulnerability
22 42000271 DN WEB_SERVER ForumSpammer Access
22 42000319 DN SCAN Possible WHMCS - Scan
21 42000181 DN SCAN Scanner webster pro
20 42000128 DN SCAN Nessus-Scanner detected
19 1315 double encoding !
19 42000048 DN WEB_SERVER PHPINFO - in URL
18 1103 php:// scheme
17 14 14
13 42000203 DN SCAN Scanner Paros Proxy Scanner
13 42000321 DN SCAN probably Malicous UA
12 42000077 DN WEB_SERVER LIBWWW_perl-UA detected
12 42000307 DN SCAN WP-Contents/Plugins Access
8 42000082 DN WEB_SERVER Tomcat - Manager - Access
8 42000253 DN WEB_SERVER possible INC - File - Access
7 42000046 DN SCAN DFind w00tw00t GET-Requests
7 42000052 DN WEB_SERVER SVN_Repo-Access
7 42000070 DN WEB_SERVER possible sql-injection (CAST())
7 42000236 DN WEB_SERVER DoubleDot in URL
7 42000263 DN WEB_SERVER .htaccess - Access
6 1004 mysql comment (*/)
5 1010 parenthesis, probable sql/xss
5 42000002 DN APP_SERVER PHP-file-access
5 42000076 DN SCAN VTI_BIN - Access
4 42000054 DN WEB_SERVER HEX_string found
4 42000068 DN WEB_SERVER JAR - Download Request
4 42000156 DN SCAN Scanner safexplorer
3 42000003 DN APP_SERVER ASP_file access
3 42000043 DN SCAN WhatWeb Web Application Fingerprint Scanner Default User-Agent Detected
3 42000073 DN SCAN Python-urllib UA, possible Scanner
3 42000127 DN SCAN Scanner Amiga-Aweb
3 42000151 DN SCAN Scanner whatweb
2 1005 mysql keyword (|)
2 1101 https:// scheme
2 42000053 DN WEB_SERVER GIT_Repo-Access
2 42000079 DN WEB_SERVER VTI_RPC - Access
2 42000080 DN WEB_SERVER Apache ServerStatus - Access
2 42000145 DN SCAN Scanner morfeus
2 42000265 DN WEB_SERVER Plesk Apache Zeroday Remote Exploit - possible scan
2 42000306 DN SCAN Morfeus - F*cking-Scanner
1 1400 utf7/8 encoding
1 42000031 DN SCAN Muieblackcat scanner
1 42000032 DN WEB_SERVER PHP-EVAL - Attempt
1 42000049 DN WEB_SERVER PHP_SYSTEM_CMD
1 42000226 DN SCAN Scanner WITOOL SQL Injection Scan
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment