My presentation from the Swedish OWASP meeting the other day is now online. I spoke about SQL injection (again), efficient UNION exploitation, OOB channels and DNS-tunneling in MSSql, Oracle and MySQL. The presentation, DNS-server tool and a minimal cheat sheet can be found here. I had a great time and enjoyed meeting friends, colleagues and [...]

I made some minor adjustments and bugfixes to the 0.7 release and released 0.8. MSSQLScan should now support a graceous shutdown when doing a ctrl-break and not skip hosts when running out of sockets. Get it here.

I have released a new tool that can be used to verify password quality against several database engines. Make sure to check it out here.

I have released a new version of my MSSQLScan tool. It contains fixes for running out of sockets when scanning large networks with low timeouts and re-scheduling of unsuccesful probes. Let me know how/if it works and please send me bug reports.