The Malta MySQL User Group (MMUG) met for the second time this Thursday, and compared to last time, we had a much better venue: Ixaris Systems let us use their board room, so we had all the tools we needed to have a good meeting.

We managed to get a group picture before everyone has arrived, so I guess we can call the people in this picture “early birds”.

Once we all arrived, however, Sandro Gauci from EnableSecurity gave us a very interesting talk on SQL Injection security, and general security flaws from a developer point a view. You can find the slides here: sql-injection.pdf.

Here’s a picture of Mr. Gauci while presenting. (Sorry for the obvious problem with the over-white picture — seems like I forgot to turn down the flash, and this was the only non-blurry shot I got.)

(more…)

Here are the slides and links I am using for the “Database Security Using White-Hat Google Hacking” at the 2008 MySQL Users Conference and Expo.

pdf slides

Where to Start:
http://johnny.ihackstuff.com/ghdb.php

i-hacked.com/content/view/23/42

for the impatient

Google’s Terms of Service
Google Operators

More Googlehacks to run:
Page 35 of http://www.sdissa.org/downloads/San%20Diego%20ISSA%20Google%20Hacking%20and%20Beyond%20May%202006-rhd.pdf

http://pauldotcom.com/wiki/index.php/Episode81#Tech_Segment:_Google_Queries_To_Run_Against_Your_Own_Domain

http://ferruh.mavituna.com/makale/sql-injection-cheatsheet/

Goolag

Google Hacks sofware

Google Hacks Honey Pot

www.robotstxt.org

Wikto

Nikto