What is sqlmap?

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. sqlmap – automatic SQL injection tool root@kali:~# sqlmap -h Usage: python sqlmap [options] Options: -h, --help Show basic help message and exit -hh […]


SQL Injection

Use the following code examples to inject: ' or '1'='1 The following steps show how a hacker can bypass Web Application Security by performing an SQL injection attack into a web site that connects to an SQL Server. This example is for an older SQL Server product as Microsoft has disabled some of […]


Tools That Should Be In Your Infosec Toolbox

Reference: http://www.proactiverisk.com/tools/ DISCLAIMER The following list of URLs is a collection of resources broken down by category. The resources are listed numerically in no particular order except for tracking purposes. Breach Laws State Breach Laws Hardening Guides Windows: CIS Security Benchmarks for Windows NSA Security Configuration Guides for Windows Microsoft Baseline Security Analyzer Microsoft PC Security Secunia Personal […]


How to detect and investigate attack methods with AlienVault USM

Shellshock (Bash) Vulnerability Webcast: The Bash Vulnerability: Practical Tips to Secure your Environment Blog: Bourne Again: Helping you see the light through the Shellshock exploit Blog: Attackers exploiting Shellshock (CVE-2014-6721) in the wild Brute Force Attacks Webcast: Brute Force Attacks: Keeping the Bots at Bay with AlienVault USM Webcast: Detect Brute Force Attacks & APTs […]
