Demonstrates a method to extract data from a MySQL database using blind injection in fewer requests than currently known techniques such as the Bisection and Bit Shift method.
An introduction to SQLMap's new tamper scripts and how they can be used to bypass Web Application Firewalls and Intrusion Detection Systems.
A detailed explanation of the SQL Injection challenge 2A and the many solutions used to solve this challenge.
A detailed explanation of the SQL Injection challenge 2B and the many solutions used to solve this challenge.
A write-up of the SQL Injection challenges 3A and 3B with the many solutions used to solve these challenges.
A couple years ago Roberto Salgado had the honor of presenting his research on SQL Injections at several conferences. Just recently, Blackhat released the video of his presentation. This post contains the link to Roberto's slides and video.