Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Presentation on using VPD in the real world available"] [Next entry: "A database installed version of who has privilege script"]

SQL Injection Exploitation techniques

Sumit Siddharth has posted a link to the slides for his recent presentation at OWASP AU 2009. The presentation is called "Recent advancements in SQL Injection exploitation techniques". His blog NotSoSecure is also interesting and worth a read as he often talks about database security and SQL Injection. Sumit is also the author of the tool Blind Sql Injection Brute Forcer version 2 - bsqlbf-v2 which has recently been updated, there is a link to the download in the blog or you can get it from