Abusing PHP sockets for fun and profit (PDF · 807 kb)

PHP (PHP: Hypertext Preprocessor) is a server-side HTML embedded scripting language which provides web developers with a full suite of tools for building dynamic websites.PHP socket library implements a low-level interface to the socket communication functions based on the popular BSD sockets.

This presentation will focus on the use of PHP socket library from an offensive point of view, demonstrating interesting and creative vectors of attack.

Download Tool (ZIP, 15.1 kb) | View Demo

Blind SQL injection optimization techniques (PDF · 219 kb)

Blind SQL injection is a common vulnerability present in web applications. There are a number of issues when it comes to exploiting it, probably 'time' is the biggest one. Blind SQL injection is a slow attack.

This presentation presents a number of ways to speed up the attack and a practical implementation of such techniques.

Download Tool (PY, 8.8 kb) | View Demo