YoVDO

Blended Web and Database Attacks on Real-Time, In-Memory Platforms

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses R Programming Courses SAP HANA Courses SQL Injection Courses Database Security Courses Web Application Security Courses Server-side JavaScript Courses

Course Description

Overview

Explore the unique security challenges and attack vectors in real-time, in-memory platforms through this 56-minute Black Hat conference talk. Delve into blended web and database attacks, focusing on SAP HANA as an example. Learn about novel SQL injection techniques exploiting "TIME TRAVEL" features, server-side JavaScript exploits via SQL queries, and potential R programming environment vulnerabilities. Understand how social engineering can become crucial in SQL injection attempts. Witness live demonstrations of newly discovered vulnerabilities and gain insights into protecting these platforms. Acquire a reference framework for security assessments and access sample vulnerable applications to avoid common security pitfalls in development. Recommended for those with a basic understanding of web application and database security concepts.

Syllabus

Intro
Company Introduction
Agenda
InMemory Databases
Innovation
Vendors
CP Systems
SAP HANA
Blended Architecture
SQL Injection
Programming Languages
Creating New Applications
SQL Injection Demo
Time Travel
History Tables
SQL Injections
Concern Measures
Crosssite Scripting
Recommendations
Our Server Integration
Control Measures
Cheat Sheet
Conclusions
Thanks


Taught by

Black Hat

Related Courses

Burp Suite: Introducción a las pruebas de penetración
Coursera Project Network via Coursera Ethical Hacking & Network Defe
City College of San Francisco via California Community Colleges System OWASP Top 10: Injection Attacks
Codecademy Defending Node Applications from SQL Injection, XSS, & CSRF Attacks
Codecademy Introduction to Cybersecurity
Codecademy