About Administrador

So far Administrador has created 238 blog entries.

MySQL stored procedures protection

16 Feb. 2015 | Tarlogic's Blog - Cybersecurity

Welcome to the new Tarlogic blog, where we will publish technical articles focused on website security audits or cloud application security and services deployment. In this article we will talk about protecting MySQL stored procedures against SQL injection attacks. Sometimes, part of an application's data access is performed through MySQL stored procedures. The reasons for using stored procedures in MySQL vary widely and may depend largely on the type of application being developed, but most people agree that three of the main reasons for their use are: Integrity of the information: centralizing access to certain information through a single mechanism. Security, because of the possibility offered ...


randomHeader extension for burp suite

16 Feb. 2015 | Tarlogic's Blog - Cybersecurity

When performing a security assessment of a web application that has the capability to detect and block attacks, the auditor has to figure out how to successfully complete the audit when these security elements block the client's IP address. Depending on how the application is configured and on the different perimeter security elements that are part of the network architecture, manipulating the source IP address through HTTP headers can be enough to defeat the protection mechanisms. For example, a misconfigured application can make use of HTTP headers such as X-Forwarded-For to trigger actions against the client. Improper handling of these IP addresses, which are sometimes manipulable by the user, can lead to the following: Bypass IP blocking when an attack occurs. ...
