sqlmap - why (not how) it works?

Oct 14, 20158 likes7,488 views

These are the slides from a talk "sqlmap - why (not how) it works?" held at Navaja Negra & ConectaCon 2015 (Albacete / Spain)

sqlmap – why (not how)
it works?
Miroslav Stampar
(miroslav@sqlmap.org)
sqlmap – why (not how)
it works?
Miroslav Stampar
(miroslav@sqlmap.org)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 2
Formal introduction
sqlmap is an open source penetration testing
tool that automates the process of
detecting and exploiting SQL injection
flaws and taking over of database
servers. It comes with a powerful detection
engine, many niche features for the ultimate
penetration tester and a broad range of
switches lasting from database fingerprinting,
over data fetching from the database, to
accessing the underlying file system and
executing commands on the operating system
via out-of-band connections.

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 3
Birthday

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 4
Short history
Daniele Belluci (@belch) – July 1st
2006,
birthday of @sqlmap
Bernardo Damele A. G. (@inquisb) – late 2006,
joins the @sqlmap
Daniele Belluci (@belch) – late 2006, leaves the
@sqlmap
Miroslav Stampar (@stamparm) – late 2009,
joins the @sqlmap
...and they lived happily ever after :)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 5
sqlmap.py (1)
Version Release date Switches / options Code files LOC Total size
0.(0.)1 2006-06-01 16 3 339 64KB
0.2 2006-12-13 20 7 1117 116KB
0.3 2007-01-20 24 8 1731 160KB
0.4 2007-06-15 34 18 3819 468KB
0.5 2007-11-04 37 23 5711 680KB
0.6 2008-09-01 47 55 11920 1.2MB
0.7 2009-07-25 75 85 19387 5.1MB
0.8 2010-03-14 94 96 22840 5.7MB
0.9 2011-04-10 115 212 38787 9.5MB
1.0(-dev-f89ce21) 177 375 60995 12MB

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 6
sqlmap.py (2)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 7
sqlmap.py (3)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 8
sqlmap.org (1)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 9
sqlmap.org (2)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 10
sqlmap.org (3)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 11
sqlmap.org (4)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 12
SourceForge (obsolete)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 13
Mailing list (deprecated)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 14
GitHub (1)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 15
GitHub (2)
cuckoobox/cuckoo
beefproject/beef
andresriancho/w3af
sqlmapproject/sqlmap
rapid7/metasploit-framework
bro/bro
sleuthkit/sleuthkit
wireshark/wireshark
aircrack-ng/aircrack-ng
...

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 16
GitHub (3)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 17
GitHub (4)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 18
GitHub (5)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 19
GitHub (6)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 20
GitHub (7)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 21
sqlmapreporter (1)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 22
sqlmapreporter (2)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 23
sqlmapreporter (3)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 24
sqlmapreporter (4)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 25
testenv (1)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 26
testenv (2)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 27
testenv (3)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 28
Benchmark (sectoolmarket.com)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 29
Twitter (1)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 30
Twitter (2)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 31
Twitter (3)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 32
Twitter (4)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 33
Twitter (5)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 34
Donations (PayPal)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 35
???

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 36
Donations (Ƀitcoin)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 37
Dual license (1)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 38
Dual license (2)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 39
sqlmappro (1)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 40
sqlmappro (2)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 41
BOFH (1)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 42
BOFH (2)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 43
BOFH (3)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 44
BOFH (4)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 45
Answer to the title's question
Because of the long-lasting enthusiasm of a
couple of guys having a large, (very)
demanding and quite responsive user-base
(and couple of angry trolls)
...
...and they lived happily ever after :)

Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 46
Questions?

This document summarizes sqlmap, an open source penetration testing tool used for detecting and exploiting SQL injection flaws. It discusses sqlmap's features such as supporting large data dumps, storing session data, XML payload and query formats, multithreading, direct database connections, loading requests from files, form and site crawling, authentication, detection of reflection and dynamic content, and fingerprinting of databases and web servers.

It all starts with the ' (SQL injection from attacker's point of view)Miroslav Stampar

Heuristic methods used in sqlmapMiroslav Stampar

SQL injection: Not Only AND 1=1 (updated)Bernardo Damele A. G.

The presentation has a quick preamble on SQL injection definition, sqlmap and its key features. I will then illustrate into details common and uncommon problems and respective solutions with examples that a penetration tester faces when he wants to take advantage of any kind of web application SQL injection flaw on real world web applications, for instance SQL injection in ORDER BY and LIMIT clauses, single entry UNION query SQL injection, specific web application technologies IDS bypasses and more. These slides have been presented at the 2nd Digital Security Forum in Lisbon on June 27, 2009. Updated version of http://www.slideshare.net/inquis/sql-injection-not-only-and-11.

Advanced SQL injection to operating system full control (slides)Bernardo Damele A. G.

Over ten years have passed since a famous hacker coined the term "SQL injection" and it is still considered one of the major web application threats, affecting over 70% of web application on the Net. A lot has been said on this specific vulnerability, but not all of the aspects and implications have been uncovered, yet. It's time to explore new ways to get complete control over the database management system's underlying operating system through a SQL injection vulnerability in those over-looked and theoretically not exploitable scenarios: From the command execution on MySQL and PostgreSQL to a stored procedure's buffer overflow exploitation on Microsoft SQL Server. These and much more will be unveiled and demonstrated with my own tool's new version that I will release at the Conference (http://www.blackhat.com/html/bh-europe-09/bh-eu-09-speakers.html#Damele). These slides have been presented at Black Hat Euroe conference in Amsterdam on April 16, 2009.

Advanced SQL injection to operating system full control (whitepaper)Bernardo Damele A. G.

sqlmap - security development in PythonMiroslav Stampar

This document provides an overview of sqlmap, an open source penetration testing tool that automates the detection and exploitation of SQL injection vulnerabilities. It discusses the creators and history of the tool, its main features like database enumeration and takeover functionalities, and techniques for detecting different types of SQL injections like blind, error-based, union queries, and time delays. Examples of how each technique works are also provided.

Sql injection with sqlmapHerman Duarte

Sql injectionNitish Kumar

This document discusses SQL injection attacks and how to mitigate them. It begins by explaining how injection attacks work by tricking applications into executing unintended commands. It then provides examples of how SQL injection can be used to conduct unauthorized access and data modification attacks. The document discusses techniques for finding and exploiting SQL injection vulnerabilities, including through the SELECT, INSERT, UPDATE and UNION commands. It also covers ways to mitigate injection attacks, such as using prepared statements with bound parameters instead of concatenating strings.

Data Retrieval over DNS in SQL Injection AttacksMiroslav Stampar

Sql injectionZidh

The document discusses SQL injection, including its types, methodology, attack queries, and prevention. SQL injection is a code injection technique where a hacker manipulates SQL commands to access a database and sensitive information. It can result in identity spoofing, modifying data, gaining administrative privileges, denial of service attacks, and more. The document outlines the steps of a SQL injection attack and types of queries used. Prevention methods include minimizing privileges, coding standards, and firewalls.

Sql injectionPallavi Biswas

The document discusses SQL injection attacks, including what SQL injection is, types of SQL injection attacks such as first and second order attacks, mechanisms for injection through user input or cookies, and techniques for preventing SQL injection like defensive coding practices and input validation. SQL injection is a code injection technique where malicious SQL statements are inserted into an entry field for execution by the backend database, allowing attackers to view or manipulate restricted data in the database. The document provides examples of SQL injection and explores ways attackers can infer information and encode attacks despite prevention methods.

Sql Injection - Vulnerability and SecuritySandip Chaudhari

Ppt on sql injectionashish20012

This document discusses SQL injection, which is a security vulnerability that allows attackers to interfere with how a database operates. SQL injection occurs when user input is not sanitized and is used directly in SQL queries, allowing attackers to alter the structure and meaning of queries. The document provides an example of how an attacker could log in without a password by adding SQL code to the username field. It also lists some common SQL injection techniques like using comments, concatenation, and wildcards. Finally, it points to additional online resources for learning more about SQL injection and database security.

Expanding the control over the operating system from the databaseBernardo Damele A. G.

Using a database, either via a SQL injection or via direct connection, as a stepping stone to control the underlying operating system can be achieved. There is much to say on operating system control by owning a database server: Windows registry access, anti-forensics technique to establish an out-of-band stealth connection, buffer overflow exploitation with memory protections bypass and custom user-defined function injection. These slides have been presented at SOURCE Conference in Barcelona on September 21, 2009.

SQL injectionRaj Parmar

SQL InjectionAsish Kumar Rath

SQL INJECTIONMentorcs

This document discusses SQL injection (SQLI), which is a code injection technique used to attack data-driven applications. SQLI works by inserting malicious SQL statements into entry fields for execution on the backend database. This allows attackers to read sensitive data, modify database contents, and perform administration tasks. The document outlines common SQLI attack methods like error-based and union-based techniques. It also categorizes SQLI attacks as in-band, inferential/blind, or out-of-band based on how results are returned. Examples are provided to illustrate how SQLI exploits vulnerabilities in dynamic SQL queries.

SQL Injection Adhoura Academy

SQL injection is a code injection technique that exploits vulnerabilities in database-driven web applications. It occurs when user input is not validated or sanitized for string literal escape characters that are part of SQL statements. This allows attackers to interfere with the queries and obtain unauthorized access to sensitive data or make changes to the database. The document then provides step-by-step instructions on how to scan for vulnerabilities, determine database details like name and tables, extract data like user credentials, bypass protections like magic quotes, and use tools to automate the process.

Sql injection attackRajKumar Rampelli

SQL is a language used to access and manipulate databases. It allows users to execute queries, retrieve, insert, update and delete data from databases. SQL injection occurs when malicious code is injected into an SQL query, which can compromise the security of a database. To prevent SQL injection, developers should validate all user input, escape special characters, limit database permissions, and configure databases to not display error information to users.

OWASP Top 10 2021 Presentation (Jul 2022)TzahiArabov

Types of sql injection attacksRespa Peter

The document discusses different types of SQL injection attacks, including tautologies, illegal/logically incorrect queries, union queries, piggybacked queries, and stored procedures. Tautologies aim to bypass authentication by making conditional statements always true. Illegal queries gather database information by causing syntax or type errors. Union queries extract data by combining results from multiple tables. Piggybacked queries maliciously execute additional queries by abusing query delimiters. Stored procedures can be used to escalate privileges or execute remote commands if vulnerabilities exist. Examples are provided for each type of attack along with potential solutions.

SQL Injections - A Powerpoint PresentationRapid Purple

DNS exfiltration using sqlmapMiroslav Stampar

Got database access? Own the network!Bernardo Damele A. G.

The presentation highlights techniques to exploit a MySQL, PostgreSQL or Microsoft SQL Server database server in real world: how to abuse databases features to takeover the server as a whole, how to break out of the mere database process, get control of the operating system and escalate process' privileges to SYSTEM and how to make the life of the forensics analyst harder in a post-exploitation investigation. These slides have been presented at AthCon 2010 conference in Athens on June 3, 2010.

How to identify and prevent SQL injection Eguardian Global Services

Getting started with postgresqlbotsplash.com

This document provides an overview of Postgresql, including its history, capabilities, advantages over other databases, best practices, and references for further learning. Postgresql is an open source relational database management system that has been in development for over 30 years. It offers rich SQL support, high performance, ACID transactions, and extensive extensibility through features like JSON, XML, and programming languages.

Non-Esoteric XSS Tips & TricksMiroslav Stampar

SQLMAP Tool Usage - A Heads UpMindfire Solutions

More Related Content

What's hot (20)

Sql injection with sqlmapHerman Duarte

Sql injectionNitish Kumar

Data Retrieval over DNS in SQL Injection AttacksMiroslav Stampar

Sql injectionZidh

Sql injectionPallavi Biswas

Sql Injection - Vulnerability and SecuritySandip Chaudhari

Ppt on sql injectionashish20012

Expanding the control over the operating system from the databaseBernardo Damele A. G.

SQL injectionRaj Parmar

SQL InjectionAsish Kumar Rath

SQL INJECTIONMentorcs

SQL Injection Adhoura Academy

Sql injection attackRajKumar Rampelli

OWASP Top 10 2021 Presentation (Jul 2022)TzahiArabov

Types of sql injection attacksRespa Peter

SQL Injections - A Powerpoint PresentationRapid Purple

DNS exfiltration using sqlmapMiroslav Stampar

Got database access? Own the network!Bernardo Damele A. G.

How to identify and prevent SQL injection Eguardian Global Services

Getting started with postgresqlbotsplash.com

Sql injection with sqlmapHerman Duarte

Sql injectionNitish Kumar

Data Retrieval over DNS in SQL Injection AttacksMiroslav Stampar

Sql injectionZidh

Sql injectionPallavi Biswas

Sql Injection - Vulnerability and SecuritySandip Chaudhari

Ppt on sql injectionashish20012

Expanding the control over the operating system from the databaseBernardo Damele A. G.

SQL injectionRaj Parmar

SQL InjectionAsish Kumar Rath

SQL INJECTIONMentorcs

SQL Injection Adhoura Academy

Sql injection attackRajKumar Rampelli

OWASP Top 10 2021 Presentation (Jul 2022)TzahiArabov

Types of sql injection attacksRespa Peter

SQL Injections - A Powerpoint PresentationRapid Purple

DNS exfiltration using sqlmapMiroslav Stampar

Got database access? Own the network!Bernardo Damele A. G.

How to identify and prevent SQL injection Eguardian Global Services

Getting started with postgresqlbotsplash.com

Viewers also liked (13)

Non-Esoteric XSS Tips & TricksMiroslav Stampar

SQLMAP Tool Usage - A Heads UpMindfire Solutions

2014 – Year of Broken Name Generator(s)Miroslav Stampar

Smashing the BufferMiroslav Stampar

Curious Case of SQLiMiroslav Stampar

This document describes a case study of discovering and exploiting a SQL injection vulnerability. Over the course of three days, the researcher tested various parameters of a web application using sqlmap and custom payloads. After initial failures, the researcher realized the application was using Windows Search and leveraged its Advanced Query Syntax to conduct file queries and infer file contents. This allowed retrieving a local web.config file containing a SQL Server password. The researcher concluded that thorough manual analysis is needed to fully understand vulnerabilities beyond just using automated scanners.

Riding the Overflow - Then and NowMiroslav Stampar

This document discusses the history and techniques of buffer overflow exploits. It begins with an overview of stack-based and heap-based buffer overflows and vulnerable code. It then details the history of buffer overflow exploitation from 1961 to present day. The rest of the document explains techniques used to exploit buffer overflows such as DEP/NX, ASLR, stack canaries, NOP sleds, return-to-libc, egg hunting, heap spraying, and return-oriented programming. It also discusses defenses implemented by operating systems like SEHOP, SafeSEH, and safe functions.

Hash DoS AttackMiroslav Stampar

Analysis of mass SQL injection attacksMiroslav Stampar

Spot the Web VulnerabilityMiroslav Stampar

Riding the Overflow - Then and NowMiroslav Stampar

Revista derecho constitucional (derechos humanos y estados de excepción)arlenis camacho

Este documento resume los conceptos clave relacionados con los derechos humanos y los estados de excepción. Explica que los estados de excepción son mecanismos contemplados en las constituciones para situaciones extraordinarias que pueden afectar la seguridad nacional y que permiten restringir temporalmente ciertas garantías constitucionales. También analiza los controles existentes para evitar abusos durante los estados de excepción y la necesidad de proteger los derechos humanos fundamentales en todo momento.

Evolucion historica de la criminologiaarlenis camacho

Este documento resume la evolución histórica del derecho penal desde la antigüedad hasta la edad moderna. En la antigüedad, filósofos como Sócrates, Platón y Aristóteles consideraban que factores como la pobreza influían en la criminalidad. En la edad media, Tomás de Aquino también relacionó la pobreza con el delito. En la edad moderna, pensadores como Darwin y Durkheim analizaron la agresividad y delincuencia desde perspectivas biológicas y sociológicas. El documento conclu

Ladies waterproof head scarfshopkrysi47

Non-Esoteric XSS Tips & TricksMiroslav Stampar

SQLMAP Tool Usage - A Heads UpMindfire Solutions

2014 – Year of Broken Name Generator(s)Miroslav Stampar

Smashing the BufferMiroslav Stampar

Curious Case of SQLiMiroslav Stampar

Riding the Overflow - Then and NowMiroslav Stampar

Hash DoS AttackMiroslav Stampar

Analysis of mass SQL injection attacksMiroslav Stampar

Spot the Web VulnerabilityMiroslav Stampar

Riding the Overflow - Then and NowMiroslav Stampar

Revista derecho constitucional (derechos humanos y estados de excepción)arlenis camacho

Evolucion historica de la criminologiaarlenis camacho

Ladies waterproof head scarfshopkrysi47

Similar to sqlmap - why (not how) it works? (18)

UKSG Conference 2015 - E-resources: ezPAARSE helps you discover who is readin...UKSG: connecting the knowledge community

Funnel Analysis with Apache Spark and DruidDatabricks

Every day, millions of advertising campaigns are happening around the world. As campaign owners, measuring the ongoing campaign effectiveness (e.g “how many distinct users saw my online ad VS how many distinct users saw my online ad, clicked it and purchased my product?”) is super important. However, this task (often referred to as “funnel analysis”) is not an easy task, especially if the chronological order of events matters. One way to mitigate this challenge is combining Apache Druid and Apache DataSketches, to provide fast analytics on large volumes of data. However, while that combination can answer some of these questions, it still can’t answer the question “how many distinct users viewed the brand’s homepage FIRST and THEN viewed product X page?” In this talk, we will discuss how we combine Spark, Druid and DataSketches to answer such questions at scale.

Azure Stream AnalyticsMarco Parenzan

RuleML2015: Compact representation of conditional probability for rule-based...RuleML

Context-aware systems gained huge popularity in recent years due to rapid evolution of personal mobile devices. Equipped with variety of sensors, such devices are sources of a lot of valuable information that allows the system to act in an intelligent way. However, the certainty and presence of this information may depend on many factors like measurement accuracy or sensor availability. Such a dynamic nature of information may cause the system not to work properly or not to work at all. To allow for robustness of the context-aware system an uncertainty handling mechanism should be provided with it. Several approaches were developed to solve uncertainty in context knowledge bases, including probabilistic reasoning, fuzzy logic, or certainty factors. In this paper, we present a representation method that combines strengths of rules based on the attributive logic and Bayesian networks. Such a combination allows efficiently encode conditional probability distribution of random variables into a reasoning structure called XTT2. This provides a method for building hybrid context-aware systems that allows for robust inference in uncertain knowledge bases.

Real-time user profiling based on Spark streaming and HBase by Arkadiusz Jach...Big Data Spain

Agora owns dozens of themed, classified, entertainment and social services. There are news and sports portals, forums, advertising services, blogs and many other thematic websites. All sites generate over 400 page views per second (under normal conditions) and considerably more events (likes focus, clicks and scrolling events). It raises one question: how to build user profiles real-time in such a dynamic and changing environment? Session presented at Big Data Spain 2015 Conference 15th Oct 2015 Kinépolis Madrid http://www.bigdataspain.org Event promoted by: http://www.paradigmatecnologico.com Abstract: http://www.bigdataspain.org/program/thu/slot-16.html

SiamQuant Workshop 2.0 Slidessiamquant

This document summarizes the new features of SiamQuant 2.0, including new variables for pricing, fundamentals, and profit/cash flow. It also outlines new hybrid database templates, analytic chart templates, and backtesting templates. Key additions are quarterly earnings, future benefits, an alternate pricing model, and SET TRI index data. The workshop covers Clenow's double moving average, high return on equity rotation, and EdSeyKota's double Donchian channel strategies.

PRGTUG Meeting: Lost in Data? Let's Chart the Way Out!Stanislava Tropcheva

Low-cost data-driven 3D reconstruction and its applications @ 6th ICE 3D Body...Alfredo BALLESTER FERNÁNDEZ

Presented the 28th October 2015 at the 6th International Conference and Exhibition on body Scanning Technologies 2015, Hometrica Consulting, Lugano, Switzerland. The access to the 3D representation of people’s body shape has multiple applications to consumer goods which performance is related to human body dimensions or shape. This is the case of wearables such as clothing, footwear, headgear, orthotics, or equipment/environments such as furniture, transports or workstations. Some of the existing and potential applications of 3D human representations include personalisation, virtual try-on or size allocation for wearables or product configuration/adjustment for equipment/environments. However, the cost of 3D scanners is high; the devices are too bulky for homes and retail stores; and its proper use requires expertise to get the relevant parameters from the 3D object (e.g. measurements). These three barriers are currently hindering the massive spreading of 3D scanners as consumer good or as typical in-store appliance. This paper describes an array of approaches for realistically estimating human 3D shapes (i.e. full bodies or feet) using a regular smartphone or just entering a set of parameters (e.g. age, gender and self-taken measurements). The proposed approaches are based on data-driven 3D reconstructions, using parameterised shape spaces created from large 3D human body or feet databases. The algorithm finds the combination of shape parameters that best matches either the silhouettes extracted from the images or the body measurements entered. Despite not being actual body scanners, these solutions are easy-to-use and can provide enough accuracy for applications such as virtual try-on, made-to-measure or size allocation of certain types of wearables. Moreover, they can be distributed to the final consumer or to the points of sale at a really reduced cost (or even for free), thus overcoming the main barriers to the massive spreading of its use in e-commerce, new retail experiences, new production pipelines or new business models. In order to illustrate these technologies, some examples of application to different contexts (i.e. virtual worlds, e-commerce and personalisation) are presented: virtual try-on of female fashion (VisuaLook), size allocation for childrenswear (KIDSIZE), personalised comfort insoles (Sunfeet) and personalised shoes (Feetz).

LINEデリマでのElasticsearchの運用と監視の話LINE Corporation

PRGTUG: Lost in Data? Let's Chart the Way Out!Stanislava Tropcheva

The RIPE Atlas Global Internet Measurement NetworkRIPE NCC

The document discusses the RIPE Atlas Global Internet Measurement Network. Some key points: - RIPE Atlas is a global network of thousands of probes that collects network measurement data through ping, traceroute, DNS, and other tests. - The data is publicly available via online maps and an API. Over 8,200 probes have collected over 2,500 measurement results per second. - New features allow real-time streaming of measurement results and replaying historical data. Custom measurements can test connections to specific hosts.

Exploratory data analysis in R - Data Science ClubMartin Bago

Analyzing the State of Static Analysis: A Large-Scale Evaluation in Open Sour...Moritz Beller

The use of automatic static analysis has been a software engineering best practice for decades. However, we still do not know a lot about its use in real-world software projects: How prevalent is the use of Automated Static Analysis Tools (ASATs) such as FindBugs and JSHint? How do developers use these tools, and how does their use evolve over time? We research these questions in two studies on nine different ASATs for Java, JavaScript, Ruby, and Python with a population of 122 and 168,214 open-source projects. To compare warnings across the ASATs, we introduce the General Defect Classification (GDC) and provide a grounded-theory-derived mapping of 1,825 ASAT-specific warnings to 16 top-level GDC classes. Our results show that ASAT use is widespread, but not ubiquitous, and that projects typically do not enforce a strict policy on ASAT use. Most ASAT configurations deviate slightly from the default, but hardly any introduce new custom analyses. Only a very small set of default ASAT analyses is widely changed. Finally, most ASAT configurations, once introduced, never change. If they do, the changes are small and have a tendency to occur within one day of the configuration’s initial introduction.

Tracxn - Big Data Infrastructure Startup LandscapeAmar Christy

The document provides an overview of the big data infrastructure sector as of January 2018. It details that over $6 billion has been invested in the sector, with 162292 companies covered on the Tracxn platform. The top markets for investment are management tools, operational processing in graph stores, and real-time processing in stream computing. Notable companies include Cloudera, MongoDB, Hortonworks, and MarkLogic.

RIPE Atlas streamingMassimo Candela

RIPE Atlas is the biggest internet measurement network composed of more than 8000 probes distributed worldwide. The new RIPE Atlas streaming service allows you to tap into the real-time data flow of all the collected public results. Every time our system receives a data point or a probe connectivity event occurs, it's also delivered to the clients that are "tuned in" to that result stream. This feature is implemented using web sockets.

Scaling Agile Data Warehousing with the Scaled Agile Framework (SAFe)Em Campbell-Pretty

They said, “You can’t use Agile to deliver an Integrated Enterprise Data Warehouse!” but they were wrong. With a little bit of pragmatism and a whole lot of hard work, that is exactly what we did. When the Enterprise Data Warehouse delivery team began their Agile journey, they scaled from 1 to 6 teams in a matter of months and found themselves struggling to make the leap from agile projects to an Agile program. After reading Dean Leffingwell’s Scaling Software Agility and Agile Software Requirements Em Campbell-Pretty was inspired to establish Australia's first SAFe Agile Release Train. The session will cover how she applied the Scaled Agile Framework, transforming not only the delivery capability of the EDW team but also the culture. The audience will come away a recipe for applying agile to data warehousing and the secret ingredients to create the right culture. Presented at the Agile Denver Meetup 8th October 2015

Scaling Agile Data Warehousing with the Scaled Agile Framework (SAFe)Context Matters

Em Campbell-Pretty gave a presentation on scaling agile practices to a large enterprise data warehousing program. The data warehouse contained over 80 TB of business data across 28 servers processing 400 million records daily. Campbell-Pretty described establishing agile teams, organizing them into a release train, and using SAFe principles and practices to coordinate their work. This resulted in delivery cycle times decreasing from 12 months to 3 months with weekly deployments, cost reductions of 70%, and improvements in quality, on-time delivery, and team satisfaction.

Alessandro Terenzi (InGlobe Technologies): Object Tracking with ARMedia SDKAugmentedWorldExpo

A talk from the Develop Track at AWE USA 2017 - the largest conference for AR+VR in Santa Clara, California May 31- June 2, 2017. Alessandro Terenzi (InGlobe Technologies): Object Tracking with ARMedia SDK The talk presents the main features of the latest version of the ARMedia SDK with a focus on the 3D object tracking capabilities from a developer's perspective. The whole process involved in the creation of 3D trackable data will be discussed using both CAD-based and photogrammetry-based approaches, showing the strengths and weaknesses of each with reference to real-world use-cases. Finally, the new multiple-objects tracking feature will be demonstrated with reference to a car-tracking scenario. http://AugmentedWorldExpo.com

UKSG Conference 2015 - E-resources: ezPAARSE helps you discover who is readin...UKSG: connecting the knowledge community

Funnel Analysis with Apache Spark and DruidDatabricks

Azure Stream AnalyticsMarco Parenzan

RuleML2015: Compact representation of conditional probability for rule-based...RuleML

Real-time user profiling based on Spark streaming and HBase by Arkadiusz Jach...Big Data Spain

SiamQuant Workshop 2.0 Slidessiamquant

PRGTUG Meeting: Lost in Data? Let's Chart the Way Out!Stanislava Tropcheva

Low-cost data-driven 3D reconstruction and its applications @ 6th ICE 3D Body...Alfredo BALLESTER FERNÁNDEZ

LINEデリマでのElasticsearchの運用と監視の話LINE Corporation

PRGTUG: Lost in Data? Let's Chart the Way Out!Stanislava Tropcheva

The RIPE Atlas Global Internet Measurement NetworkRIPE NCC

Exploratory data analysis in R - Data Science ClubMartin Bago

Analyzing the State of Static Analysis: A Large-Scale Evaluation in Open Sour...Moritz Beller

Tracxn - Big Data Infrastructure Startup LandscapeAmar Christy

RIPE Atlas streamingMassimo Candela

Scaling Agile Data Warehousing with the Scaled Agile Framework (SAFe)Em Campbell-Pretty

Scaling Agile Data Warehousing with the Scaled Agile Framework (SAFe)Context Matters

Alessandro Terenzi (InGlobe Technologies): Object Tracking with ARMedia SDKAugmentedWorldExpo

More from Miroslav Stampar (7)

sqlmap - "One Tiny Step At a Time"Miroslav Stampar

Blind WAF identificationMiroslav Stampar

sqlmap internalsMiroslav Stampar

Why everybody should do CTF / Wargames?Miroslav Stampar

The document discusses Capture the Flag (CTF) competitions and wargames and why everyone should participate in them. It notes that CTFs are legal hacking games or puzzles that help people improve their information security skills. Wargames are similar but always online and have no time limits. The document outlines different categories of challenges people may encounter in CTFs and wargames, including programming, cryptography, steganography, forensics, reverse engineering, and web challenges. It argues that participating provides free training, is fun, helps improve skills, allows competitive testing of skills, and can help with recruitment and stress testing teams.

Improving Network Intrusion Detection with Traffic DenoiseMiroslav Stampar

This document discusses improving network intrusion detection systems by filtering out "noise" from real threats. It proposes collecting data from multiple sensors on different IP ranges to identify traffic that is seen across many networks, which is likely noise rather than targeted attacks. By ignoring or lowering the severity of events originating from noisy IP addresses found on public blacklists or seen across different sensor networks, the system could focus alerts on real adversaries and reduce the number of false alarms. An experimental system using these techniques saw a 35-37% reduction in total events and threats after filtering noise. Further development could help security teams prioritize real network threats.

APT Attacks on Critical InfrastructureMiroslav Stampar

WARNING: Do Not Feed the BearsMiroslav Stampar

sqlmap - "One Tiny Step At a Time"Miroslav Stampar

Blind WAF identificationMiroslav Stampar

sqlmap internalsMiroslav Stampar

Why everybody should do CTF / Wargames?Miroslav Stampar

Improving Network Intrusion Detection with Traffic DenoiseMiroslav Stampar

APT Attacks on Critical InfrastructureMiroslav Stampar

WARNING: Do Not Feed the BearsMiroslav Stampar

Recently uploaded (20)

How to Switch Hosting Providers in Vancouver Without Any Downtimesteve198109

Switching web hosting providers can feel like a daunting task—especially if you're running a business, wellness brand, blog, or eCommerce store in Vancouver that depends on 24/7 uptime. This comprehensive guide walks you through every essential step to migrate your website to a new hosting provider without experiencing any downtime or disruption. Whether you're switching due to slow load times, poor customer service, rising renewal costs, or a desire for better security and scalability, this post ensures you do it right the first time. From choosing the right local hosting service in Vancouver—such as 4GoodHosting—to backing up your files, testing your new environment, and monitoring DNS changes, every phase is explained with practical tips and tools. You'll also discover why Vancouver-based servers improve your SEO, boost page speed, and offer regionally aligned customer support. Perfect for green startups, wellness entrepreneurs, and growing online stores, this guide helps ensure a smooth transition with no interruptions, lost data, or negative customer experiences. If you're ready to make the switch and want to protect your brand reputation, maximize website performance, and maintain business continuity, this guide is your roadmap. Let 4GoodHosting help you get started with secure, local, and scalable hosting solutions in Canada.

data science data stoger Presentation1.pptxsandeepsherkhane830

Virtualization Trends Streamlining Operations in Telecom with David Bernard ...David Bernard Ezell

The telecommunications industry is undergoing a significant transformation driven by virtualization technologies. Virtualization, which involves the abstraction of hardware resources and the creation of virtual instances of software-based functions, is revolutionizing the way telecom operators design, deploy, and manage their networks. In this blog, we delve into the latest virtualization trends that are reshaping operations in the telecom sector, driving efficiency, agility, and innovation.

Perguntas dos animais - Slides ilustrados de múltipla escolhasocaslev

(Hosting PHising Sites) for Cryptography and network securityaluacharya169

Determining Glass is mechanical textileAzizul Hakim

APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025APNIC

Best web hosting Vancouver 2025 for you businesssteve198109

Vancouver in 2025 is more than scenic views, yoga studios, and oat milk lattes—it’s a thriving hub for eco-conscious entrepreneurs looking to make a real difference. If you’ve ever dreamed of launching a purpose-driven business, now is the time. Whether it’s urban mushroom farming, upcycled furniture sales, or vegan skincare sold online, your green idea deserves a strong digital foundation. The 2025 Canadian eCommerce landscape is being shaped by trends like sustainability, local innovation, and consumer trust. To stay ahead, eco-startups need reliable hosting that aligns with their values. That’s where 4GoodHosting.com comes in—one of the top-rated Vancouver web hosting providers of 2025. Offering secure, sustainable, and Canadian-based hosting solutions, they help green entrepreneurs build their brand with confidence and conscience. As eCommerce in Canada embraces localism and environmental responsibility, choosing a hosting provider that shares your vision is essential. 4GoodHosting goes beyond just hosting websites—they champion Canadian businesses, sustainable practices, and meaningful growth. So go ahead—start that eco-friendly venture. With Vancouver web hosting from 4GoodHosting, your green business and your values are in perfect sync.

final project for icpna b08 if someone want.pptxESTEFANOANDREYGARCIA

Computers Networks Computers Networks Computers NetworksTito208863

highend-srxseries-services-gateways-customer-presentation.pptxelhadjcheikhdiop

Smart Mobile App Pitch Deck丨AI Travel App Presentation Templateyojeari421237

🚀 Smart Mobile App Pitch Deck – "Trip-A" | AI Travel App Presentation Template This professional, visually engaging pitch deck is designed specifically for developers, startups, and tech students looking to present a smart travel mobile app concept with impact. Whether you're building an AI-powered travel planner or showcasing a class project, Trip-A gives you the edge to impress investors, professors, or clients. Every slide is cleanly structured, fully editable, and tailored to highlight key aspects of a mobile travel app powered by artificial intelligence and real-time data. 💼 What’s Inside: - Cover slide with sleek app UI preview - AI/ML module implementation breakdown - Key travel market trends analysis - Competitor comparison slide - Evaluation challenges & solutions - Real-time data training model (AI/ML) - “Live Demo” call-to-action slide 🎨 Why You'll Love It: - Professional, modern layout with mobile app mockups - Ideal for pitches, hackathons, university presentations, or MVP launches - Easily customizable in PowerPoint or Google Slides - High-resolution visuals and smooth gradients 📦 Format: - PPTX / Google Slides compatible - 16:9 widescreen - Fully editable text, charts, and visuals

What's going on with IPv6? presented by Geoff HustonAPNIC

Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHostingsteve198109

Mobile database for your company telemarketing or sms marketing campaigns. Fr...DataProvider1

5-Proses-proses Akuisisi Citra Digital.pptxandani26

White and Red Clean Car Business Pitch Presentation.pptxcanumatown

Understanding the Tor Network and Exploring the Deep Webnabilajabin35

While the Tor network, Dark Web, and Deep Web can seem mysterious and daunting, they are simply parts of the internet that prioritize privacy and anonymity. Using tools like Ahmia and onionland search, users can explore these hidden spaces responsibly and securely. It’s essential to understand the technology behind these networks, as well as the risks involved, to navigate them safely. Visit https://torgol.com/

IT Services Workflow From Request to Resolutionmzmziiskd

Reliable Vancouver Web Hosting with Local Servers & 24/7 Supportsteve198109

Looking for powerful and affordable web hosting in Vancouver? 4GoodHosting offers premium Canadian web hosting solutions designed specifically for individuals, startups, and businesses across British Columbia. With local data centers in Vancouver and Toronto, we ensure blazing-fast website speeds, superior uptime, and enhanced data privacy—all critical for your business success in today’s competitive digital landscape. Our Vancouver web hosting plans are packed with value—starting as low as $2.95/month—and include secure cPanel management, free domain transfer, one-click WordPress installs, and robust email support with anti-spam protection. Whether you're hosting a personal blog, business website, or eCommerce store, our scalable cloud hosting packages are built to grow with you. Enjoy enterprise-grade features like daily backups, DDoS protection, free SSL certificates, and unlimited bandwidth on select plans. Plus, our expert Canadian support team is available 24/7 to help you every step of the way. At 4GoodHosting, we understand the needs of local Vancouver businesses. That’s why we focus on speed, security, and service—all hosted on Canadian soil. Start your online journey today with a reliable hosting partner trusted by thousands across Canada.

How to Switch Hosting Providers in Vancouver Without Any Downtimesteve198109

data science data stoger Presentation1.pptxsandeepsherkhane830

Virtualization Trends Streamlining Operations in Telecom with David Bernard ...David Bernard Ezell

Perguntas dos animais - Slides ilustrados de múltipla escolhasocaslev

(Hosting PHising Sites) for Cryptography and network securityaluacharya169

Determining Glass is mechanical textileAzizul Hakim

APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025APNIC

Best web hosting Vancouver 2025 for you businesssteve198109

final project for icpna b08 if someone want.pptxESTEFANOANDREYGARCIA

Computers Networks Computers Networks Computers NetworksTito208863

highend-srxseries-services-gateways-customer-presentation.pptxelhadjcheikhdiop

Smart Mobile App Pitch Deck丨AI Travel App Presentation Templateyojeari421237

What's going on with IPv6? presented by Geoff HustonAPNIC

Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHostingsteve198109

Mobile database for your company telemarketing or sms marketing campaigns. Fr...DataProvider1

5-Proses-proses Akuisisi Citra Digital.pptxandani26

White and Red Clean Car Business Pitch Presentation.pptxcanumatown

Understanding the Tor Network and Exploring the Deep Webnabilajabin35

IT Services Workflow From Request to Resolutionmzmziiskd

Reliable Vancouver Web Hosting with Local Servers & 24/7 Supportsteve198109

sqlmap - why (not how) it works?

1. sqlmap – why (not how) it works? Miroslav Stampar ([email protected]) sqlmap – why (not how) it works? Miroslav Stampar ([email protected])

2. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 2 Formal introduction sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

3. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 3 Birthday

4. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 4 Short history Daniele Belluci (@belch) – July 1st 2006, birthday of @sqlmap Bernardo Damele A. G. (@inquisb) – late 2006, joins the @sqlmap Daniele Belluci (@belch) – late 2006, leaves the @sqlmap Miroslav Stampar (@stamparm) – late 2009, joins the @sqlmap ...and they lived happily ever after :)

5. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 5 sqlmap.py (1) Version Release date Switches / options Code files LOC Total size 0.(0.)1 2006-06-01 16 3 339 64KB 0.2 2006-12-13 20 7 1117 116KB 0.3 2007-01-20 24 8 1731 160KB 0.4 2007-06-15 34 18 3819 468KB 0.5 2007-11-04 37 23 5711 680KB 0.6 2008-09-01 47 55 11920 1.2MB 0.7 2009-07-25 75 85 19387 5.1MB 0.8 2010-03-14 94 96 22840 5.7MB 0.9 2011-04-10 115 212 38787 9.5MB 1.0(-dev-f89ce21) 177 375 60995 12MB

6. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 6 sqlmap.py (2)

7. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 7 sqlmap.py (3)

8. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 8 sqlmap.org (1)

9. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 9 sqlmap.org (2)

10. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 10 sqlmap.org (3)

11. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 11 sqlmap.org (4)

12. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 12 SourceForge (obsolete)

13. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 13 Mailing list (deprecated)

14. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 14 GitHub (1)

15. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 15 GitHub (2) cuckoobox/cuckoo beefproject/beef andresriancho/w3af sqlmapproject/sqlmap rapid7/metasploit-framework bro/bro sleuthkit/sleuthkit wireshark/wireshark aircrack-ng/aircrack-ng ...

16. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 16 GitHub (3)

17. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 17 GitHub (4)

18. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 18 GitHub (5)

19. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 19 GitHub (6)

20. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 20 GitHub (7)

21. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 21 sqlmapreporter (1)

22. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 22 sqlmapreporter (2)

23. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 23 sqlmapreporter (3)

24. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 24 sqlmapreporter (4)

25. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 25 testenv (1)

26. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 26 testenv (2)

27. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 27 testenv (3)

28. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 28 Benchmark (sectoolmarket.com)

29. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 29 Twitter (1)

30. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 30 Twitter (2)

31. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 31 Twitter (3)

32. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 32 Twitter (4)

33. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 33 Twitter (5)

34. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 34 Donations (PayPal)

35. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 35 ???

36. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 36 Donations (Ƀitcoin)

37. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 37 Dual license (1)

38. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 38 Dual license (2)

39. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 39 sqlmappro (1)

40. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 40 sqlmappro (2)

41. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 41 BOFH (1)

42. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 42 BOFH (2)

43. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 43 BOFH (3)

44. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 44 BOFH (4)

45. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 45 Answer to the title's question Because of the long-lasting enthusiasm of a couple of guys having a large, (very) demanding and quite responsive user-base (and couple of angry trolls) ... ...and they lived happily ever after :)

46. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 46 Questions?

sqlmap - why (not how) it works?

Recommended

More Related Content

What's hot (20)

Viewers also liked (13)

Similar to sqlmap - why (not how) it works? (18)

More from Miroslav Stampar (7)

Recently uploaded (20)

sqlmap - why (not how) it works?