Slides from SOURCE Boston 2009, presenting heyoka, a new DNS tunneling tool that uses spoofed traffic to avoid detection and multiple encodings to improve speed. Continue reading
Slides presented by Alberto Revelli at OwaspDay II in Rome, 31/03/2008. They describe some SQL Injection tricks that can be used to get a full access to the DB server’s operating system. The examples are mainly focused on MS SQL Server, but the concepts are valid for other DBMS as well.