SQL injection with sqlmap

DerbyCon 3.0 - All In The Family

Presented by: Conrad Reynolds, CISA
Date: Saturday September 28, 2013
Time: 10:00 - 10:50
Location: Track 4
Track: The 3-Way

When hacking websites, SQL injection is a very popular way read or change data that you’re not supposed to have access to. Sqlmap is a powerful and free tool that enables you to find and exploit SQL injection vulnerabilities. Come see how to use sqlmap to attack websites and control databases (but only for the forces of good, please).

Conrad Reynolds, CISA

Conrad has held a variety of positions in IT Audit, Application Development, Management, and Web Security in Fortune 50, non-profit,and government sectors. He has been implementing and advising on IT security solutions for several years. He currently hacks government web apps for a living.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats