SecurityTubeBeta Watch ... Learn ... Contribute |
 |
 |
 |
 |
 |
  |
|
Advanced SQL Injection (Dojosec)
SQL Injection is a vulnerability that is often missed by web application security scanners, and it's a vulnerability that is often rated as NOT exploit
able by security testers when it actually can be exploited.
"Advanced SQL Injection" is a presentation geared toward showing security professionals advanced exploitation techniques for situations when you must prove to the customer the extent of compromise that is possible.
The key areas are:
IDS/Web Application Firewall Evasion
Privilege Escalation
Re-Enabling stored procedures
Obtaining an interactive command-shell
Data Exfiltration via DNS
Joseph McCray is a leader when it comes to penetration testing. Joseph currently acts as Assessment Practice Manager at Rapid7 and is the founder of LearnSecurityOnline.com. At Rapid7, he manages and performs Blackbox & Whitebox, Wireless and VoIP Penetration Testing,as well as performing Social Engineering.
We hate these ADs as much as you do! Help us stay FREE and CLEAN by making a Generous Donation!
Related Videos from: Dojosec Monthly Briefings
.jpg) | .jpg) | .jpg) | .jpg) | .jpg) | |
You are Viewing this Video Now! | |||||
2128 views | 2096 views | 1702 views | 2075 views | 2234 views |
Author
The mission of DojoSec is to provide an environment for people to master the art of information security. DojoSec Monthly Briefings are an example of the commitment that we are making to accomplish this goal.
DojoSec Monthly Briefings’ audience have seen talks by Johnny Long, Ron Gula, Joseph McCray, Marcus J. Ranum, and Bruce Potter to name a few speakers. Attendees enjoy technical demonstrations, industry expert speakers, and a meal. It’s like a dinner theater for security geeks!
©2007 Freak Labs |