Flashback: Sqlmap - a little how-to, and getting your developers involved in using it.
BrakeSec Education Podcast · Bryan Brake
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
This is a flashback from July 2015.
Mr. Boettcher and I discussed SQLMAP, a tool that can automate the process of pentesting databases and even registries on Windows. We discuss some functions of the program and why developers should get training on these.
Mr. Boettcher and I talk about how Infosec professionals should help to educate QA and Developers to be able to look at their processes and incorporate security testing, using tools like sqlmap in the Software lifecycle.
SQLMAP links
SQLMAP Wiki and more detailed documentation - https://github.com/sqlmapproject/sqlmap/wiki
https://github.com/sqlmapproject/sqlmap
http://hackertarget.com/sqlmap-tutorial/
https://www.owasp.org/index.php/Automated_Audit_using_SQLMap
http://www.binarytides.com/sqlmap-hacking-tutorial/
http://blog.spiderlabs.com/2013/12/sqlmap-tricks-for-advanced-sql-injection.html
Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0http://creativecommons.org/licenses/by/3.0/