-
Whitepaper: Access through access by Brett Moore, attacking Microsoft Access
Brett Moore has published a great document on how to SQL Inject applications utilizing Microsoft Access. He discusses default tablenames, sandboxing, reading local files and more. There aren't many good papers on attacking MS Access and this is WELL worth the read. From the paper ""MS Access is commonly thought of as the little brother…
Favorite Links
- Security Templates (New)
- The Web Application Security Consortium
- QA Security
- The Web Security Mailing List
- Romain Gaucher’s Blog
- Jeremiah Grossman’s Blog
Popular Pages
WASC Threat Classification
- Abuse of Functionality
- Application Misconfiguration
- Brute Force Attack
- Content Spoofing
- Credential/Session Prediction
- Denial of Service
- Directory Indexing
- Information Leakage
- Remote File Inclusion Attack
- Routing Detour Attack
- SOAP Array Abuse
- XML Attribute Blowup
- XML Injection
- XML External Entity Attack