ASM Example: Detecting a Malicious HTTP Request

Request Example:

POST /login HTTP/1.1  
Host: www.example.com  
User-Agent: Mozilla/5.0  
Content-Type: application/x-www-form-urlencoded  
Content-Length: 45  

username=admin&password=' OR '1'='1

Analysis by ASM:

Method: POST is valid, but the body will be inspected.
Body: SQL Injection attempt (' OR '1'='1) is detected.
Action: Request is blocked, and a violation is logged.

PreviousDeep Dive to “HTTP Request” on ASM Module NextIntroduction to OWASP Top-10 Security Risks

Last updated 9 months ago