August 8, 2015 | by Edcel Suyo | Video

SQLi is a technique in which code is injected into data-driven applications. The injected code consists of malicious SQL statements that are inserted into an entry field for execution, for example to dump database contents.
If you think your apps are secure or your target web app is not vulnerable to SQLi, think again!
Tags: 2nd order SQLi, attack demo, SQL injection, sqli, sqlmap, webinar
October 23, 2014 | by GiRa | Blog posts

Master of Puppets
Hello fellow pentesters,
Thanks to everyone who joined the live webinar. As a tour manager would say: “the house was packed”!
If you did not make it, you can download the recording of the entire session here.
The Scenario
The web application tested is a social network where users can upload their “selfies”.
Tags: scripting, sqli, sqlmap, web application security, webinar
October 9, 2014 | by GiRa | Blog posts

Master of Puppets
What happens when you have a web application that uses EXT4 to store files, correctly escapes queries and does not accept direct user-controlled parameters?
You need to take your SQLi to the next level!
Tags: scripting, sqli, sqlmap, web application security, webinar