Penetration Testing mailing list archives

Re: Open Source Database Auditing

From: "Clint P. Garrison MBA, CISSP, QSA" <garrison.clint () gmail com>
Date: Thu, 10 May 2007 12:32:00 -0500

You should get the "Database Hacker's Handbook" Here's a good review
with some more links.

http://netsecurity.about.com/od/4/fr/aabr_dbhackers.htm

Clint P. Garrison

On 10 May 2007 15:58:28 -0000, holstein.robert () bls gov
<holstein.robert () bls gov> wrote:

Hey all.


I'm looking for open source database vulnerability assessment and penetration testing tools.  Tips and techniques, and any 
related documentation would also be helpful. This is specific to Oracle9i-10G, but I would welcome input for any other DB's 
as well.


We have commercial tools on-site but are not licensed to assess devices outside our IP range.


Thanks in advance!

Bobby

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

Current thread:

Open Source Database Auditing holstein . robert (May 10)
- Re: Open Source Database Auditing SD List (May 10)
- Re: Open Source Database Auditing James Patterson (May 10)
  - Re: Open Source Database Auditing SD List (May 11)
- Re: Open Source Database Auditing Clint P. Garrison MBA, CISSP, QSA (May 10)
- Re: Open Source Database Auditing Joxean Koret (May 10)
- Re: Open Source Database Auditing Marco Ivaldi (May 11)
- <Possible follow-ups>
- Re: Re: Open Source Database Auditing toggmeister (May 11)