My presentation from the Swedish OWASP meeting the other day is now online.
I spoke about SQL injection (again), efficient UNION exploitation, OOB channels and DNS-tunneling in MSSql, Oracle and MySQL.

The presentation, DNS-server tool and a minimal cheat sheet can be found here.
I had a great time and enjoyed meeting friends, colleagues and listening to the other speaches.

I made some minor adjustments and bugfixes to the 0.7 release and released 0.8. MSSQLScan should now support a graceous shutdown when doing a ctrl-break and not skip hosts when running out of sockets.

Get it here.

I have released a new tool that can be used to verify password quality against several database engines. Make sure to check it out here.

I have released a new version of my MSSQLScan tool. It contains fixes for running out of sockets when scanning large networks with low timeouts and re-scheduling of unsuccesful probes.

Let me know how/if it works and please send me bug reports.

I have launched a new blog with “random thoughts about random things” … The reason why I’m launching a new site when barely keeping up with this one is that I want to keep this one security oriented while the new one a bit more “random”. The new blog can be found here http://patrik.cqure.net.

I’m guessing we might have to outdated blogs in a couple of weeks