NotSoSecure Blog

Oracle Hacks Added to SQLi Lab

06 Nov 2013

We have just added some more awesome challenges in Sqli Lab and thought it would be good idea to share some insight about it. Note: David Litchfield’s book Oracle Hacker’s…

Read More

Hacking Oracle XE from Web

22 Oct 2013

Note: You can practice the below mentioned hack in our SQLi Lab In last few years, I have done a few talks/webinar on how to exploit SQL Injection in a…

Read More

Penetration Testing: The Art or The Science?

20 Sep 2013

So, I have been penetration testing for a while now. Over the years, I have seen penetration testing evolve dramatically. Back in the days, tools were not as smart as…

Read More

Pwning Postgres 9.1

12 Sep 2013

I recently came across a Postgres based SQL Injection in a web application. The database in question was the latest version (9.1). I was in luck and the back-end database…

Read More

Read More

A Collaboration worth mentioning..

03 Nov 2012

Hello All, It has been a long time since you have heard from me I am quite excited to share the news that I will be at Black Hat UAE…

Read More

What to/not to expect from pentest

03 May 2012

Hello, it has been a while since I posted something (nothing unusual), but I really wanted to touch on a sensitive/controversial topic. Firstly, the blog just represent my personal opinion…

Read More

Black Hat Eu 2012

18 Mar 2012

Hello All, as always it has been a while since I posted something. Some things never change….. Anyways, I was privileged to speak at yet another Black Hat. This time…

Read More