Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Oracle expert warns of weakness in PL/SQL"] [Next entry: "Oracle root kits part 2"]

MatriXay a new way to penetration test web apps and databases

I had the great pleasure to meet Frank Fan in Las Vegas when I was speaking at the BlackHat conference. Frank was there to talk about his new application MatriXay which can be used to pentest web applications and databases. I have seen the application before and was interested to see a newer version. I got a good look at it before Franks talk and also went along to hear Frank speak. His presentation included a flash movie of the application used in anger. This is a great application and Frank was good enough to let me have a copy to review, I am looking forwards to having a proper look at it and running it through its paces. Franks presentation is called " - (broken link) Improved penetration testing of Web Apps and databases with MatriXay and is well worth a look. This is the best web app scanner I have seen.