[ad] The latest big news is that on February 6th the Kaspersky Customer Records database was hacked through a simple SQL injection flaw on the website. The hacker claimed it was possible to expose all customer data including users, activation codes, lists of bugs, admins, shot and so on. The anonymous hacker hasn’t actually posted […]
Database Hacking
Acunetix Web Vulnerability Scanner 6 Review
[ad] As you might know if you’ve been reading for some time, I do occasionally review commercial software if it’s interesting and relevant – the last one I remember doing was back in 2007 “Outpost Security Suite PRO Review“. This time it’s for a much more relevant piece of software IMHO, and one which I […]
WITOOL v0.1 – GUI Based SQL Injection Tool in .NET
[ad] WITOOL is an graphical based SQL Injection Tool written in dotNET. – For SQL Server, Oracle – Error Base and Union Base Interface Features Retrieve schema : DB/TableSpace, Table, Column, other object Retrieve data : retrive paging, dump xml file Log : View the raw data HTTP log Environment OS: Windows 2000/XP/VISTA Requirement: Microsoft […]
Microsoft Warns of Serious MS-SQL 2000 & 2005 Vulnerability
[ad] Another big flaw has been discovered in Microsoft software just a few days after they broke their patch cycle to issue a patch for the IE bug that allowed remote code execution. This time however it doesn’t really effect home users or the general consumer, it’s a more specific server side vulnerability affecting Microsoft […]
MultiInjector v0.3 Released – Automatic SQL Injection and Defacement Tool
[ad] You might remember a while ago we posted about MultiInjector which claims to the first configurable automatic website defacement tool, it got quite a bit of interest and shortly after that it was updated. Anyway, good or bad I think people deserve to know what is out there. Features Receives a list of URLs […]