Wednesday, 21 May 2008
Friday, 16 May 2008
I got an email this morning (and a comment on an IM conversation a week ago) that has continued to remind me that I've been neglecting this blog. So I thought I'd pen a quick update to let everyone know whats going on and coming up.
First of all, I got my turbo talk to Blackhat USA in Las Vegas accepted, so I'll be speaking there again for the first time since 2004. The paper is called "SQL Injection Worms for Fun and Profit", and appears to be even more timely than I expected when submitting it considering what is still an ongoing problem. I'll be in Vegas for both Blackhat and Defcon if anyone wants to plan a catch up.
On other news, I've made little progress on rewriting SQLBrute in .NET due to a lack of time. I am, however, going to release SQLBrute 1.1 in Python in the not too distant future - I'm adding Sybase support, and cleaning up a few of the routines. Also, check out the port of Microsoft's AntiXSS library to Java - you can check it out on the GDS Tools page.
Thats all for now - more news and happenings soon!