Description: Talk: Real World Techniques & Firewall Evasion In SQLi
Speaker: Francis Alexander
The Paper concentrates on Real – World Pentesting than Local Environments since in most of the cases you are provided only with a network or a website and most skills you gained on Local Systems falls apart.The Real-world scenarios are much more heavily complicated.You have WAF’S ,firewalls, honeypots ,NAT and all lot of stuff to get you drowned up.This paper will be focusing on mainly the SQLi stuff we come across , we will have a outlook from the basic sqli stuff to the Advanced bypassing techniques which includes bypassing 400,404,406,403,500,1064,1222 and other errors associated with the WAF’S and also some fun techniques you could hold up your sleeve. The presentation will have live demos , The Live demos include a basic site with no waf to try out with some high end waf’s blocking you out. (1 site for basic sqli and 3-4 sites with WAF’s)
Tags: francis alexander , sqli , advanced sqli waf bypass , waf bypass , exploiting real life sqli , defcon kerala ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
This would be great to have the slides for this! It seems as his website has reached his bandwith limit... Anyone have access to better details of this?
This guys work seems fantastic ! I think it would be a shame to not get ahold of this.