splmap 0.6 released

My friend inquis today released one of the best SQL injection tools available to the public: sqlmap. For the ones of you that do not know this tool yet, sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once […]

Database datatype comparison sheet

Sometimes when writing automated SQL injection tools or exploit based on SQLi vulnerabilities you can fight with the different implementation of standard SQL datatype of DBMS.Reading a lot of documentation i wrote a  comparison sheet between datatypes used by Mysql, SQL Server, Oracle, DB2, SQLite, PostgreSQL, Sybase ASE, Firebird.You can download Adobe Acrobat [PDF] or […]

Tuning and Optimizing Performace of MySQL

A lot of times i found a LAMP server with the MySQL server poorly configurated. There are a lot of tips, for example enable and tune the query cache, that can enhance the performance of MySQL. Here is a little check list: Enable the query cache and other caches Tune the settings of query cache […]