Content provided by Black Hat and Jeff Moss. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Black Hat and Jeff Moss or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Yuan Fan and Xiao Rong: MatriXay-When Web App & Database Security Pen-Test/Audit Is a Joy
This topic will present a new web-app/DB pen-test tool. The tool supports both proxy (passive) mode and direct URL targeting. It combines a systematic web-app SQL injection pen-test tool with a web-app/database scanner and auditing-style tool, and it supports the most popular databases used by web applications, such as Oracle, SQL Server, Access and DB2. It has many unique features, from automatic detection of the web app's backend database, to the ability to browse database objects (without the need to ask for a password, of course), to the ability to locate/search for any sensitive content inside the DB and find more vulnerability points from source, as well as privilege escalation.
86 episodes
Black Hat Briefings, Las Vegas 2006 [Video] Presentations from the security conference