Deep Blind SQL Injection is a new way to exploit Blind SQL Injections with a 66% reduction in the number of requests.
This document discusses abusing Microsoft SQL Query wildcards to consume CPU in database servers. This can be achieved using only the search field present in most common web applications.
Windows has had the ability to embed HTML into its user interface for many years. As far back as Windows NT 4.0, it has been possible to embed HTML into the task bar, but the OS has always maintained a sandbox from which the HTML has been unable to escape. All this changes with Windows Vista.
PostgreSQL is one of the most commonly used open source database management systems.