This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
I've Been Hacked-What Now
From OWASP
My Server Has Been Hacked--What Do I Do Now??
This page will offer suggestions and resources for identifying and eliminating threats to your web servers/applications after a suspected attack.
Anyone interested in contributing is welcome.
comment added by Marcin • 14:24, 19 November 2008 (UTC):
Below are some basic bullet points that should be expanded on/revised, etc.
- Identification
- Assessment
- Containment
- Evidence Collection
- Forensic Analysis
- Investigation
- Incident Follow-up