addressalign-toparrow-leftarrow-rightbackbellblockcalendarcameraccwchatcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-checkcircle-with-crosscircle-with-pluscrossdots-three-verticaleditemptyheartexporteye-with-lineeyefacebookfolderfullheartglobegmailgoogleimageimagesinstagramlinklocation-pinmagnifying-glassmailminusmoremuplabelShape 3 + Rectangle 1outlookpersonplusprice-ribbonImported LayersImported LayersImported Layersshieldstartickettrashtriangle-downtriangle-uptwitteruseryahoo

SQL Injection: Stealing Data for Fun And Profit

On our journey through the OWASP Top 10 laws, next up we come to SQL Injection, the most common form of the top ranked flaw.

There will be a presentation on the issue and why it happens, and then we will use the Web Security Dojo VM to provide hands on labs for all who are interested. Details on software required for the labs will be forthcoming as we get closer to the day.

Finally, mitigation strategies will be discussed.

Please note the date has changed from the original one proposed to be a week later,  if you have already added it to your calendar.

Join or login to comment.

  • Bill Y.

    Color me unhappy :-( This afternoon (01/24/2013), I downloaded and installed the Dojo image, drove through traffic to the Cary library, and discovered that Steve's presentation was LAST night. Shucks. Besides my own disorganization, I blame the AT&T outage that kept many of us offline from Monday night to this morning. At least I have the software to look at. Thanks in absentia for your leadership and instruction, Steve.

    January 24, 2013

  • Rich D.

    Great job Steve -

    January 24, 2013

  • Roger A.

    Sorry to miss the meeting tonight. I had a business meeting that would never end and didn't get away until too late.

    January 23, 2013

  • Steve P.

    If you can, please install VirtualBox on your computer and download the latest version of Web Security Dojo, version 2.1-Beta. http://sourceforge.net/projects/websecuritydojo/files/Version_2.1-beta/Dojo_2.1-beta_SQL_labs.ova/download .
    Copies will be available on DVD and a network drive on site, but will save us time if some folks have it downloaded ahead of time.

    See you all tomorrow!

    January 23, 2013

  • A former member
    A former member

    Hey guys, new to the group and excited to come and learn tomorrow. Is there anything I need to bring to be more interactive (besides my brain)? I saw the group had lab setup instructions for VM's (is VMWare required or will VirtualBox work?), is that needed or are these more like presentations that I can take back and test out later?

    January 22, 2013

    • Steve P.

      VirtualBox is prefered, VMware should work(but I'm not very familiar with it.)

      January 22, 2013

    • Steve P.

      There will be both more "lecture" and "hands on" time. Sorry more details on the software haven't been posted yet, I've been trying to get an updated version of the training env. put together which should be posted tonight with install instructions. DVDs will also be available on site for people who can't get the software ahead of time.

      January 22, 2013

27 went

Our Sponsors

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy