Collaborate Disseminate
I think sometimes it is best to look into different research scheme , get information on which is the best place to get this programmer guys , I was once a victim and I vowed never to contact again . I work in a place where w… Continue reading Hacker for Hire services?
Disclaimer I am not a security professional, just a programmer trying to do my best. Additionally, this is my first post to this community so I appologise if this question is too broad.
The Situation My local network (mana… Continue reading Secure Implementation of Password Database
We have a installer that we have built using scripts. When we start the installer, it asks for the database system user and password, which it needs to create application users. We do not want the user doing the installation … Continue reading How to securely access oracle system user credentials from my installer
I am creating a database table with an encrypted value, say users:
Say John encrypted is U2FsdGVkX193AOGlBRE1RNScJRGN9vSB4erIljJwaKw=.
UserId | Name
—— | ——————————————–
1 | U2FsdGVkX19… Continue reading Security flaws of storing strings and some of its substrings using Microsoft SQL Server Transparent Data Encryption?
What are the best vulnerability scanners for an RDF database that uses SPARQL? I like the credentialed scanning in Nessus, but the results are not very valuable, I think because it does not know what to do with the DB. I am… Continue reading SPARQL Aware Security Assessment Tool [on hold]
I want to make a client-side, Windows-based application that allows the user to register and it will store the registration details in an online MySQL server.
However when i googled ways to do this, I found that to establish… Continue reading Risk of getting MySQL database compromised with a client application
Consider an (Java) application that will be deployed on an off-the-shelf laptop in a public location. The laptop is not connected to any network or the internet. A USB barcode scanner is available as an additional input devic… Continue reading Protecting private encrypted data on public computers
Story
We are developing an API that which allow consumer to create or modify (i.e. upsert) objects stored in database via an endpoint with HTTP PUT.
The primary key of the object stored in this way is a GUID instead of an a… Continue reading What are the security implications of allowing API consumer to decide primary key stored in database?
A recent employment test prompted me to perform an SQL injection to gain access into their website.
Using manual and automated (Burp) methods, I was able to find out the form is definitely vulnerable to SQL Injection attacks, but every ti… Continue reading How do you perform SQL injection on a login form that checks for email address format?
AWS and Oracle love to take shots at each other, but as much as Amazon has knocked Oracle over the years, it was forced to admit that it was in fact a customer. Today in a company blog post, the company announced it was shedding Oracle for AWS databases, and had effectively turned off its […] Continue reading Amazon migrates more than 100 consumer services from Oracle to AWS databases