Author Archives: sid

Malware Analysis

Issue: A system administrator finds a suspicious DLL running, named “COM APPLICATION SUPPORT.DLL”, and raises a security concern. Static Analysis: We started the analysis by loading the file to check for any known packers. The output of the tool indicated that no such packers were present, as shown below. Loading the file…

Oracle Hacks Added to SQLi Lab

We have just added some more awesome challenges to the SQLi Lab and thought it would be a good idea to share some insight about them. Note: David Litchfield’s book Oracle Hacker’s Handbook is the best resource to learn about these attacks. You can now practice a series of Oracle database hacks…

Hacking Oracle XE from Web

Note: You can practice the hack described below in our SQLi Lab. In the last few years, I have done a few talks/webinars on how to exploit SQL injection in a web application that talks to an Oracle database, particularly how to execute OS code and do privilege escalation. You may want…