Re: Open Source Database Auditing

From: SD List (list@security-database.com)
Date: Fri May 11 2007 - 08:17:39 EDT

• Next message: kevin: "Re: Oracle tnslistener"
• Previous message: Danett song: "Re: dumping hashes on box w/ Norton AV"
• In reply to: James Patterson: "Re: Open Source Database Auditing"
• Next in thread: toggmeister@vulnerabilityassessment.co.uk: "Re: Re: Open Source Database Auditing"
• Maybe reply: toggmeister@vulnerabilityassessment.co.uk: "Re: Re: Open Source Database Auditing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi there,
Here is a global pack as presented during the latest Amsterdam Blackhat by
folks from Argeniss.

http://www.argeniss.com/research/HackingDatabases.zip

A lot of good stuffs (papers, tools, exploits and new techniques -
backdoors etc etc)

-- Nabil Ouchn
security-database.com

> Try the Oracle Auditing Tools.
>
> http://www.cqure.net/wp/?page_id=2
>
> ~Jim Patterson
> Rapid7, LLC
>
> On May 10, 2007, at 11:58 AM, holstein.robert@bls.gov wrote:
>
>> Hey all.
>>
>>
>> I'm looking for open source database vulnerability assessment and
>> penetration testing tools. Tips and techniques, and any related
>> documentation would also be helpful. This is specific to
>> Oracle9i-10G, but I would welcome input for any other DB's as well.
>>
>>
>> We have commercial tools on-site but are not licensed to assess
>> devices outside our IP range.
>>
>>
>> Thanks in advance!
>>
>> Bobby
>>
>> ----------------------------------------------------------------------
>> --
>> This List Sponsored by: Cenzic
>>
>> Are you using SPI, Watchfire or WhiteHat?
>> Consider getting clear vision with Cenzic
>> See HOW Now with our 20/20 program!
>>
>> http://www.cenzic.com/c/2020
>> ----------------------------------------------------------------------
>> --
>>
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
> ------------------------------------------------------------------------
>
>

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

• Next message: kevin: "Re: Oracle tnslistener"
• Previous message: Danett song: "Re: dumping hashes on box w/ Norton AV"
• In reply to: James Patterson: "Re: Open Source Database Auditing"
• Next in thread: toggmeister@vulnerabilityassessment.co.uk: "Re: Re: Open Source Database Auditing"
• Maybe reply: toggmeister@vulnerabilityassessment.co.uk: "Re: Re: Open Source Database Auditing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:47 EDT