Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Oracle?

From: Sebastiaan <littlebighuman () gmail com>
Date: Fri, 25 Sep 2009 15:38:34 +0200
Got this off the list (there is more), maybe its helpfull:

- Book about Oracle security:
http://dsec.ru/about/articles/oracle_security_book/

- Secure Auditor Version performs audit on Oracle, MSSQL, Windows
and Cisco Routers, presents vulnerability specification, prioritizes risk
levels, and provide step by step methods of mitigation:
http://www.security-database.com/toolswatch/Secure-Auditor-v2-available.html

- Demo about Oracle SQL injec.: http://down2.nosec.org/swf/pangolin_oracle.html




On 9/23/09, Xavier Mertens <xavier () pwn3d be> wrote:

Hi *,

I'll perform a pentest against an Oracle DB.
Anybody has a list of classic tests to be performed against a version 10 & 11 ?

Tx!
Xavier
--
The computer revolution is over. The computers won.

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: