security Archive

MySQL Security

Sheeri Cabral, Senior DB Admin/Architect at Mozilla, make a presentation about MySQL security. All the aspects of MySQL security are presented in this talk: backup access, encryption, network access, access to operating systems and logs, etc.

SQL Injection through HTTP Headers

Identifying the input vectors of the target application is a primordial step during vulnerability assessment or penetration testing. This article explains how to people can attempt SQL injection in your database through HTTP Headers and discusses which

SQL Injection Myths & Fallacies

This presentation about the myths and fallacies of SQL injection presents the best practices of defense against top web security issue. The most massive crime of identity theft in history was perpetrated in 2007 by exploiting an

Advanced MySQL Exploitation

This talk focuses on how MySQL SQL injection vulnerabilities can be used to gain remote code execution on the LAMP and WAMP environments. Attackers performing SQL injection on a MySQL platform must deal with several limitations and

Time-Based Blind SQL Injection Using Heavy Queries

This presentation describes how attackers could take advantage of SQL Injection vulnerabilities using time-based blind SQL injection. The goal is to stress the importance of establishing secure development best practices for Web applications and not only to