SQL Injection - Let's get query-fied null Delhi Humla 17 October 2015 "SQL Injection - Let's get query-fied"
Brief information on the content:
The session would a complete hands-on, along reproduction analysis of the findings from a Vulnerability Assessment perspective. Some of the types of attacks covered in the session are as follows:
1. Error based and Blind Injections
2. Double query and Second order injections
3. Injections in update and insert queries
4. Injection through cookies
5. Command Injections and more such related attacks.
The sessions would be distributed across the day in a novice to expert format in a level ascending fashion. Also, the related labs will be shared for practice.
1. Laptop with a minimum of 4 GB RAM and 100 GB Free Disk Space.
2. Pre-install server suggested XAMPP.
3. Pre-installed Virtualization Software (Oracle Virtual Box/ VMWare Workstation)
4. Pre-installled Burp Suite Proxy: https://portswigger.net/burp/download.html
5. Mozilla Firefox with Fire bug and Tamper Data plugin installed
Prerequisites (if any): Basic understanding of HTTP, Web Applications and SQL. Hackers' perspective to things.
Recommended Readings (if any) before attending the Humla: None
AppSec professional with varied experience in consulting and product development domains. Other interest includes - infrastructure and mobile security.
Starts at Saturday October 17 2015, 10:30 AM. The sessions runs for about 3 hours.