Home page logo

basics logo Security Basics mailing list archives

The Art of Exploiting SQL Injection: 1 day hands on training at Black Hat US
From: Sumit Siddharth <sid () notsosecure com>
Date: Fri, 24 Feb 2012 15:51:31 +0000

Hello All,

This year at Black Hat Las vegas, I will be hosting a 1 day training course
on the most popular web app hacking technique 'SQL Injection'.

Here is the abstract of the course:

"This is a full day hands on training course which will typically target
penetration testers, security auditors/administrators and web developers to
learn advanced exploitation techniques. SQL Injection, although now nearly
15 years old, still exists in over 30% of the web applications. This
vulnerability could typically result in 3 scenarios:

Authentication Bypass
Extraction of arbitrary sensitive data from the database
Access and compromise of the internal network.
This training will target 3 databases:


and discuss a variety of exploitation techniques to exploit each scenario.
The aim of the training course is to address the following:

Understand the problem of SQL Injection
Learn a variety of advanced exploitation techniques which hackers use
Learn how to fix the problem
Identify, extract, escalate, execute; we have got it all covered.

More details can be found here:

There are a few seats still left and the course will sell-out very soon. If
you require more details feel free to contact me at


Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.


  By Date           By Thread  

Current thread:
  • The Art of Exploiting SQL Injection: 1 day hands on training at Black Hat US Sumit Siddharth (Feb 24)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]