
Currently showing posts from December 2024

Boolean-based (content-based) Blind SQLi By ITSec Security Consulting Limited

Boolean-based (content-based) Blind SQL Injection (SQLi) is a type of SQL injection attack where an attacker sends SQL queries to the database that force the application to return different results based on whether the query returns a TRUE or FALSE result. This type of attack is called “blind” because the attacker does not directly see the results of the query but can infer information based on the application’s behavior.

Overview of Boolean-based Blind SQLi

In a Boolean-based Blind SQLi attack, the attacker exploits vulnerabilities in the application’s input validation to inject malicious SQL code. The goal is to extract information from the database by observing the application’s responses to different queries. The attacker typically uses conditional statements in the SQL query to determine whether a certain condition is TRUE or FALSE.

How Boolean-based Blind SQLi Works

Identifying Vulnerabl...

Union-based SQL Injection By ITSec Security Consulting Limited

A Comprehensive Guide

Introduction

Union-based SQL Injection is a type of SQL injection attack that leverages the UNION SQL operator to combine the results of two or more SELECT statements into a single result. This technique allows attackers to retrieve data from different tables within the database by injecting a malicious UNION query. Union-based SQL Injection is particularly dangerous because it enables attackers to extract sensitive information, such as usernames, passwords, and financial data, from the database. This article will provide an in-depth exploration of Union-based SQL Injection, including its definition, techniques, examples, and prevention methods.

Definition and Overview

Union-based SQL Injection is a type of SQL injection attack where the attacker uses the UNION SQL operator to combine the results of two or more SELECT statements into a single result. The UNION operator is used in SQL to combine the results of two or more SELECT queries into a single re...

SQL Injection (SQLi) Types By ITSec

SQL Injection (SQLi) is a code injection technique that exploits vulnerabilities in applications that interact with databases. There are several types of SQL injection attacks, each with its own methods and impacts. Here are the main types:

In-band SQLi (Classic SQLi): This is the most common and easiest to exploit. It occurs when an attacker uses the same communication channel to both launch the attack and gather results. There are two primary techniques:

Error-based SQLi: Relies on error messages thrown by the database server to gain information about the database structure.

Union-based SQLi: Uses the UNION SQL operator to combine the results of two or more SELECT statements into a single result.

Inferential SQLi (Blind SQLi): This type of attack does not transfer data via the web application and the attacker cannot see the result of the attack in-band. Instead, the attacker sends payloads and observes the web application’s response and ...

SRAA (Security Assessment and Audit) in Hong Kong

Security Risk Assessment and Audit

What is SRAA (Security Assessment and Audit)?

An SRAA (Security Assessment and Audit) identifies, assesses, and implements key security controls in applications. It also focuses on preventing application security defects and vulnerabilities. Carrying out a risk assessment allows an organization to view the application portfolio holistically, from an attacker’s perspective. It supports managers in making informed decisions about resource allocation, tooling, and security control implementation. Thus, conducting an assessment is an integral part of an organization’s risk management process.

How does an SRAA (Security Assessment and Audit) work?

Factors such as size, growth rate, resources, and asset portfolio affect the depth of risk assessment models. Organizations can carry out generalized assessments when experiencing budget or time constraints. However, generalized assessments don’t necessarily provide the detailed mappings between assets, assoc...