OWASP DirBuster — Busted By SiteWALL
Today while checking the daily dashboard, I saw sudden increase ( more than 33k) in the number of attacks blocked by SiteWALL. On further Investigation I found there was a scan Initiated by some IP from “Peru” (suggested my client to block the country using SiteWALL geolocation protection) on one of the website protected by SiteWALL. The attacker used a tool DirBuster 1.0 which is old tool from OWASP project ( https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project).
“DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers. Often , now in this case ,what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. DirBuster attempts to find these”


Interested to see attackers use of old tools. His motive was to find the hidden directories and files. SiteWALL keeps such traffic away from the protected webserver and helps in improving the productivity and efficiency of the webserver. I will keep sharing such interesting things from the Dashboard whenever I will find it, bye for Now. To know all the good things SiteWALL WAF can do please visit https://www.sitewall.net
