Being employed with BI.ZONE, I have to exploit Blind SQL injection vulnerabilities on a regular basis. In fact, I encounter Blind-based cases even more frequently than Union- or Error-based ones. But how to raise the efficiency of such attack? This article provides an overview of approaches used to exploit Blind SQL injection and techniques expediting the exploitation.

Once a quarter, PostgreSQL publishes minor releases containing vulnerabilities. Sometimes, such bugs make it possible to make an unprivileged user a local king superuser. To fix them, Postgres DBAs release patches simultaneously with the updates and sleep peacefully. However, many forks share a large codebase with PG and remain vulnerable! I reviewed the historical Postgres CVEs in search of interesting security holes and found plenty of exciting stuff there.

As you are likely aware, forensic analysis tools quickly become obsolete, while hackers continuously invent new techniques enabling them to cover tracks! As a result, valiant DFIR (Digital Forensics and Incident Response) fighters suffer fiascoes on a regular basis. So, I suggest to put aside the outdated (but no less sharp Scalpel) for now and look around for new tools.

Network fraudsters and carders continuously invent new ways to steal money from cardholders and card accounts. This article discusses techniques used by criminals to bypass security systems protecting bank cards.

Antiviruses are extremely useful tools – but not in situations when you need to remain unnoticed on an attacked network. Today, I will explain how to fool antivirus programs and avoid detection in compromised systems during penetration testing.

I bet you have several cards issued by international payment systems (e.g. Visa or MasterCard) in your wallet. Do you know what algorithms are used in these cards? How secure are your payments? People pay with such cards every day but know very little about them. Numerous myths accompany card payments. But to understand what tricks can be used to steal money from a card, you must first get an idea of the payment mechanisms used in it.

When you attack a web app, you sometimes have to perform a certain sequence of actions multiple times (e.g. brute-force a password or the second authentication factor, repeatedly use the same resource, etc.). There are plenty of tools designed for this purpose. Which one to choose if you need, for instance, to make five requests over HTTP a thousand times in a row, while maintaining the same session? My choice is Burp Suite, and in this article, I will explain why.