Advanced SQL Injection

Home
Drop menu
- Menu 1
- Menu 2
- Menu 3
- Menu 4
- Menu 5
Drop menu 2
- Menu 1
- Menu 2
- Menu 3
  - Menu 3.1
  - Menu 3.2
  - Menu 3.3
  - Menu 3.4
- Menu 4
- Menu 5
Drop menu 3
- Menu 1
- Menu 2
- Menu 3
- Menu 4
- Menu 5
Instruction to use

Advanced SQL Injection

Speaker: Joseph McCray Founder of Learn Security Online

SQL Injection is a vulnerability that is often missed by web application security scanners, and it's a vulnerability that is often rated as NOT exploitable by security testers when it actually can be exploited.

Advanced SQL Injection is a presentation geared toward showing security professionals advanced exploitation techniques for situations when you must prove to the customer the extent of compromise that is possible.

The key areas are:

•IDS Evasion, Web Application Firewall Bypass
•Privilege Escalation
•Re-Enabling stored procedures
•Obtaining an interactive command-shell
•Data Exfiltration via DNS

Share this video :