Login or register
SecDocs RSS feed
RSS feed about tag SQL injection Tag: SQL injection
Date Type Title Author Event
January 10, 2012 Slides SQL Injections by Truncation Bala Neerumalla Black Hat USA 2006
December 29, 2011 Slides SQL Injection and Data Mining Through Inference David Litchfield Black Hat EU 2005
December 24, 2011 Slides Advance SQL Injection Detection by Join Force of Database Auditing and Anomaly Intrusion Detection Yuan Fan Black Hat USA 2005
December 18, 2011 Slides Advanced SQL Injection in Oracle Databases Esteban Martínez Fayó Black Hat USA 2005
December 11, 2011 Slides Oracle PL/SQL Injection David Litchfield Black Hat EU 2004
November 29, 2011 Slides Blind SQL Injection Automation Techniques Cameron Hotchkies Black Hat USA 2004
November 25, 2011 Slides One-Way SQL Hacking: Futility of Firewalls in Web Hacking Jacco van Tuijl Black Hat Windows Security 2002
November 25, 2011 Slides Web Vulnerability and SQL Injection Countermeasures: Securing Your Servers From the Most Insidious of Attacks Timothy Mullen Black Hat Windows Security 2002
November 11, 2011 Slides Remote Web Application Disassembly with ODBC Error Messages David Litchfield Black Hat Windows Security 2001
November 08, 2011 Slides Remote Web Application Disassembly with ODBC Error Messages David Litchfield Black Hat Asia 2001
November 08, 2011 Paper Remote Web Application Disassembly with ODBC Error Messages David Litchfield Black Hat Asia 2001
November 04, 2011 Slides SQL Security Revisited Chip Andrews Black Hat USA 2001
October 31, 2011 Slides Web Vulnerability & SQL Injection Countermeasures Tim Mullen Black Hat EU 2001
October 31, 2011 Slides One-Way SQL Hacking Saumil Shah Black Hat EU 2001
July 30, 2011 Paper Advanced Oracle Attack Techniques David Litchfield Black Hat DC 2007
July 30, 2011 Slides Advanced Oracle Attack Techniques David Litchfield Black Hat DC 2007
July 08, 2011 Paper Hacking Databases for Owning Your Data Cesar Cerrudo Esteban Martínez Fayó Black Hat EU 2007
July 08, 2011 Slides Hacking Databases for Owning Your Data Cesar Cerrudo Esteban Martínez Fayó Black Hat EU 2007
June 26, 2011 Paper Timing Attacks for Recovering Private Entries From Database Engines Ariel Waissbein Damian Saura Black Hat USA 2007
June 26, 2011 Slides Timing Attacks for Recovering Private Entries From Database Engines Ariel Waissbein Damian Saura Black Hat USA 2007
February 17, 2011 Video NoSQL == No SQL injections? Wayne Huang DEFCON 18
February 17, 2011 Audio NoSQL == No SQL injections? Wayne Huang DEFCON 18
October 23, 2010 Video Advanced SQL Injection Joe McCray LayerOne 2009
October 23, 2010 Slides Advanced SQL Injection Joe McCray LayerOne 2009
October 10, 2010 Audio The Presence and Future of Web Attacks Multi-Layer Attacks and XSSQLI Mario Heiderich Confidence 2010 Krakow
October 10, 2010 Video The Presence and Future of Web Attacks Multi-Layer Attacks and XSSQLI Mario Heiderich Confidence 2010 Krakow
June 30, 2010 Slides SQL Injection Worms for Fun and Profit Justin Clarke Black Hat USA 2008
June 30, 2010 Audio SQL Injection Worms for Fun and Profit Justin Clarke Black Hat USA 2008
June 30, 2010 Video SQL Injection Worms for Fun and Profit Justin Clarke Black Hat USA 2008
April 28, 2010 Video The Making of the second SQL injection Worm Sumit Siddharth DEFCON 17
April 28, 2010 Slides The Making of the second SQL injection Worm Sumit Siddharth DEFCON 17
April 28, 2010 Audio The Making of the second SQL injection Worm Sumit Siddharth DEFCON 17
April 08, 2010 Video Advanced SQL Injection Joseph McCray DEFCON 17
April 08, 2010 Slides Advanced SQL Injection Joseph McCray DEFCON 17
April 08, 2010 Audio Advanced SQL Injection Joseph McCray DEFCON 17
March 07, 2010 Video Advanced MySQL Exploitation Muhaimin Dzulfakar DEFCON 17
March 07, 2010 Paper Advanced MySQL Exploitation Muhaimin Dzulfakar DEFCON 17
March 07, 2010 Slides Advanced MySQL Exploitation Muhaimin Dzulfakar DEFCON 17
March 07, 2010 Audio Advanced MySQL Exploitation Muhaimin Dzulfakar DEFCON 17
February 19, 2010 Slides Expanding the control over the operating system from the database Bernardo Damele Assumpcao Guimaraes Guido Landi Confidence 2009 Warszawa
February 17, 2010 Slides How easy SQL Injection bugs defeat the most famous Web vulnerability scanners Chema Alonso José Parada Confidence 2009 Warszawa
February 13, 2010 Slides Connection String Parameter Pollution Attacks Chema Alonso Jose Palazon Black Hat DC 2010
February 13, 2010 Paper Connection String Parameter Pollution Attacks Chema Alonso Jose Palazon Black Hat DC 2010
December 28, 2009 Video MatriXay: When Web App & Database Security Pen-Test/Audit Is a Joy Yuan Fan Xiao Rong DEFCON 14
December 28, 2009 Slides MatriXay: When Web App & Database Security Pen-Test/Audit Is a Joy Yuan Fan Xiao Rong DEFCON 14
December 28, 2009 Audio MatriXay: When Web App & Database Security Pen-Test/Audit Is a Joy Yuan Fan Xiao Rong DEFCON 14
December 26, 2009 Slides Advanced SQL Injection
December 12, 2009 Audio It's All About the Timing Haroon Meer Marco Slaviero DEFCON 15
December 11, 2009 Audio SQL injection and out-of-band channeling Patrik Karlsson DEFCON 15
November 19, 2009 Audio New Tool for SQL Injection with DNS Exfiltration Robert Ricks DEFCON 16
October 31, 2009 Audio Time-Based Blind SQL Injection using heavy queries: A practical approach for MS SQL Server, MS Access, Oracle and MySQL databases and Marathon Tool Chema Alonso José Parada DEFCON 16
October 29, 2009 Slides Expanding the Control Over Operating System From the Database Bernardo Damele Assumpcao Guimaraes Guido Landi Source Conference Barcelona 2009
October 28, 2009 Slides SQL injection: Not Only AND 1=1 Bernardo Damele Assumpcao Guimaraes Digital Security Forum - 2nd
October 06, 2009 Video Advanced MySQL Exploitation Muhaimin Dzulfakar HAR 2009
October 06, 2009 Slides Advanced MySQL Exploitation Muhaimin Dzulfakar HAR 2009
September 05, 2009 Paper Advanced MySQL Exploitation Muhaimin Dzulfakar Black Hat USA 2009
September 05, 2009 Slides Advanced MySQL Exploitation Muhaimin Dzulfakar Black Hat USA 2009
July 11, 2009 Slides PHP Security Crash Course for beginners: Part IV - SQL Security Stefan Esser
July 03, 2009 Paper One Click Ownage Ferruh Mavituna
June 28, 2009 Slides Oracle SQL Injection in Webapps Alexander Kornbrust Confidence 2009 Krakow
June 25, 2009 Video It's All About the Timing Haroon Meer Marco Slaviero DEFCON 15
June 25, 2009 Slides It's All About the Timing Haroon Meer Marco Slaviero DEFCON 15
June 25, 2009 Paper It's All About the Timing Haroon Meer Marco Slaviero DEFCON 15
June 20, 2009 Slides Application Injections - Exploiting SQL, XSS & XPATH Shreeraj Shah Confidence 2009 Krakow
June 17, 2009 Video SQL injection and out-of-band channeling Patrik Karlsson DEFCON 15
June 17, 2009 Slides SQL injection and out-of-band channeling Patrik Karlsson DEFCON 15
May 27, 2009 Slides Re-Playing with (Blind) SQL Injection ShmooCon 2009
May 17, 2009 Video Building the bridge between the WebApp and the OS: GUI access through SQL Injection Alberto Revelli Confidence 2008
May 17, 2009 Slides Building the bridge between the WebApp and the OS: GUI access through SQL Injection Alberto Revelli Confidence 2008
May 07, 2009 Slides Advanced SQL Injection Exploitation to Operating System Full Control Bernardo Damele Assumpcao Guimaraes Black Hat EU 2009
May 07, 2009 Paper Advanced SQL Injection Exploitation to Operating System Full Control Bernardo Damele Assumpcao Guimaraes Black Hat EU 2009
April 18, 2009 Slides Building the bridge between the Web Application and the OS: GUI access through SQL Injection Alberto Revelli EUSecWest 2008
April 10, 2009 Video New Tool for SQL Injection with DNS Exfiltration Robert Ricks DEFCON 16
April 09, 2009 Slides New Tool for SQL Injection with DNS Exfiltration Robert Ricks DEFCON 16
March 22, 2009 Slides Advanced SQL Injection Joe McCray uCon Security Conference 2009
March 07, 2009 Video Time-Based Blind SQL Injection using heavy queries: A practical approach for MS SQL Server, MS Access, Oracle and MySQL databases and Marathon Tool José Parada Chema Alonso DEFCON 16
March 07, 2009 Paper Time-Based Blind SQL Injection using heavy queries: A practical approach for MS SQL Server, MS Access, Oracle and MySQL databases and Marathon Tool José Parada Chema Alonso DEFCON 16
March 07, 2009 Slides Time-Based Blind SQL Injection using heavy queries: A practical approach for MS SQL Server, MS Access, Oracle and MySQL databases and Marathon Tool José Parada Chema Alonso DEFCON 16
February 07, 2009 Paper SFX-SQLi: Fast data extraction using SQL injection and XML statements Daniel Kachakil
November 26, 2008 Paper Access Through Access Brett Moore
October 17, 2008 Paper How to write injection-proof PL/SQL Oracle
June 08, 2008 Paper Manipulating Microsoft SQL Server Using SQL Injection Cesar Cerrudo
June 06, 2008 Paper DoS Attacks Using SQL Wildcards Ferruh Mavituna
June 03, 2008 Paper Blind SQL injection discovery & exploitation technique Shreeraj Shah
May 03, 2008 Paper Lateral SQL Injection: A new Class of Vulnerability in Oracle David Litchfield
April 26, 2008 Paper Manipulating Microsoft SQL Server Using SQL Injection Cesar Cerrudo
April 26, 2008 Paper (more) Advanced SQL Injection Chris Anley
February 10, 2008 Paper Error based SQL Injection – a true story


Click here to lend your support to: SecDocs and make a donation at www.pledgie.com !

Top top


Follow us via RSS RSS feed, on twitter Twitter feed or on facebook Facebook page

© 2007-2012 Alessandro `jekil` Tanasi
Serving 5388 documents and 337.5 GB of hacking knowledge, indexed from 1676 authors in 104 security conferences.
To report bugs or suggest features write .