SQL Injection

/Tag:SQL Injection

Week 34 In Review – 2016

Events Related Impressions From DEF CON 24: The Machines Are Rising - securityintelligence.com DEF CON 24, the world’s largest hacker conference, ended Aug. 7, and I must say I enjoyed every moment of it. There was so much to see in so little time; I definitely regret missing some great stuff that happened. Even so, [...]

Week 7 In Review – 2016

Events Related BSidesNYC2016 - github.com Resources mediatek mt6261 rom dumping via the vibration motor - www.sodnpoo.com McAfee SiteList.xml password decryption - funoverip.net Recently, a very good friend of mine pointed me out the story of a pentester who recovered the encrypted passwords from a McAfee SiteList.xml file, using Responder. Brute-forcing Microsoft Lync via NTLM - www.hackwhackandsmack.com [...]

Week 1 In Review – 2014

Resources Phishing Frenzy: Installing the Monster – pentestgeek.com If you’re not a rails guru or haven’t ever dabbled with ruby on rails, the installation process might seem overwhelming. Zeknox created this helpful video which follows the newly created wiki on how to get up and running with PF on Kali linux. 30c3: To Protect And Infect, [...]

Week 42 In Review – 2013

Events Related SANS FOR610: Reverse Engineering Malware – Course Review – blog.c22.cc What follows is a review of the SANS FOR610: reverse engineering malware class taken at the SANS Prague 2013 event. What follows are rough notes, feelings and impressions from the class as it was taking place. Take it as you will, and we hope [...]

Week 39 In Review – 2013

Events Related BruCON 0×05 Wrap Up -blog.rootshell.be Here is Xavier's quick wrap-up of  BruCON 0×05. Actually it’s not a wrap-up about the talks. He gives some statistics about the visitors. Resources One Weird Trick for Finding More Crashes – www.cert.org CERT Vulnerability Analysis Team announced the release of updates to both of their fuzzing tools, the CERT [...]

Week 37 In Review – 2013

Resources Video Tutorial: Introduction to XML External Entity Injection – community.rapid7.com This video introduces XML injection to achieve XML external entity injection (XXE) and XML based cross site scripting (XSS). Errata Security's blog We scanned the Internet for port 22 – blog.erratasec.com Errata Security scanned the entire Internet for port 22 -- the port reserved for "SSH", [...]

Week 21 in Review – 2012

Event Related HITB2012 Amsterdam Day 1 HITB2012AMS Day 1 – One Flew Over The Cuckoos Nest - corelan.be Claudio Guarnieri, senior researcher at iSight Partner, and part of the Shadowserver Foundation and the HoneyPot project. He works with malware on a daily basis, maintains malwr.com and is the main developer of the Cuckoo Sandbox, which [...]

SQLiBENCH

SQLiBENCH is an OWASP SoC 2008 project to benchmark automatic sql injectors related to dumping databases. There're a bunch of and great open source tools (takeover/dumpers/hybrid) for taking advantage of an sql injection vulnerability both used by web application security specialists and attackers. Techniques used, databases supported, algorithms employed and abilities implemented by these "sql [...]

2017-03-12T17:40:21-07:00 January 15th, 2009|Security Tools|0 Comments