It has been a long time since i posted something here ; infact, so long that i even forgot the password for the blog 🙁
So, Just a small update on the things i have got lined up for the upcoming Conferences.
Training: Hacking and Securing Oracle database (2 days)
I am quite excited about jointly holding a training session at this years’s Blackhat with Alexander Kornbrust. The training is ideal for Oracle DBA and Developers. It wont be all about getting shells from back-end database, but we will try to address some more real life problems such as how to manage 1000 instances of back-end database, the built-in Oracle features which can be used to harden the database, some common coding flaws etc. More details including registration details can be found here
Workshop: The Art of Exploiting Lesser Known Injection Flaws
At the Blackhat briefings, me and Aleks (Aleksander Gorkowienko) will be conducting a workshop on some “not very commmon” injection flaws. These are LDAP, XPATH, XML external entity etc. We are still working on this and i will post more details later. In a nutshell there will be loads of challenges, CTF, some prizes to be won (may be!) and loads of fun.
Thats all for me, see you in Vegas!