Sunday, 26 April 2009

The OpenSQLiNG project starts

I'm glad to announce the start of the next-generation open source SQL injection tool. See the project page for details at: http://opensqling.sourceforge.net/

  • Database Environment : Project is a database abstraction layer (API)
  • Intended Audience : Advanced End Users, Developers, System Administrators
  • License : GNU General Public License (GPL)
  • Operating System : OS Independent (Written in an interpreted language)
  • Programming Language : Java, Jython
  • Topic : Security
  • Translations : English
  • User Interface : Command-line, Web-based, Plugins

Summary

OpenSQLi-NG (pronounced Open SQLi N-G) is the next-generation open source SQL injection tool, built upon a powerful client/server, plugin-based architecture. It silently tests and exploits (on demand) SQL injection conditions. Its core features are DBMS fingerprinting, database enumeration and operating system command execution. It's coded in Python with Java class libraries, which makes it completely OS-independent. A web interface will also be available.
Note that this is only the engine of a big vulnerability scanner that I'm planning to implement.

Saturday, 25 April 2009

Website unavailable

Just to inform you that my website http://christian.africa-web.org is unavailable due to a server problem.
Thanks for your patience.

Wednesday, 22 April 2009

Network Vulnerability Check for the OpenVAS platform

Network security test contributions for the OpenVAS project; this is just a partial list.
The NASL source code is released under the GNU GPL license and is freely available on the Developer Platform.

remote-ApacheOfbiz-htmlInjection.nasl
remote-detect-ApacheOfbiz.nasl
remote-detect-filemaker.nasl
remote-detect-filemaker-pwd-disclosure.nasl
remote-detect-firebird.nasl
remote-detect-MDNS.nasl
remote-detect-MSdotNET-version.nasl
remote-detect-Opentaps_ERP_CRM.nasl
remote-detect-sybase-easerver-mgmt.nasl
remote-detect-sybase-easerver.nasl
remote-detect-WindowsSharepointServices.nasl
remote-MS00-006.nasl
remote-MS00-058.nasl
remote-MS00-060.nasl
remote-MS00-078.nasl
remote-MS03-018.nasl
remote-MS03-022.nasl
remote-MS03-034.nasl
remote-MS03-051.nasl
remote-MS04-011.nasl
remote-MS04-017.nasl
remote-MS05-004.nasl
remote-MS06-033.nasl
remote-MS06-056.nasl
remote-MS07-040.nasl
remote-Opentaps-htmlIjection.nasl
XRMS_CVE-2008-3664.nasl

Wednesday, 8 April 2009

OpenVAS Developer Conference #2 (July 9-12 2009)

The second OpenVAS developer conference again takes place in Osnabrück, Germany. This page summarizes the current state of planning.

Attention: User's Workshop planned: Workshop on OpenVAS administration and deployment on the day prior to the conference: July 8th 2009. Costs will be reasonable and the money will be spent to cover travel costs for students and other private OpenVAS developers. Please express your serious interest to openvas-devcon@intevation.de.

Agenda:

This is a collection of thoughts discussed on the mailing list openvas-discuss. Please involve yourself there to express your ideas or needs.

A major goal is to derive a master plan for the next 12-24 months of development.

* review the past 2 years of progress
* plan future features
  o walkthrough of all the pending CRs
* discuss core designs (towards OpenVAS 3.0)
  o OIDs: final layout and assignment procedure
  o how to get rid of the openvas-plugins module
  o replace the current internationalization concepts in nasl/server with a solution based on standard technologies
  o OVAL with OpenVAS
* discuss how to extend NVT coverage
* discuss whether and how to retire NVTs
* discuss professional services and how they relate to project
* meet the members of the OpenVAS mailing lists in real life and have a beer (or other beverages)

Place:

Intevation GmbH kindly hosts the developer conference at their offices:
Neuer Graben 17
49074 Osnabrück
Germany

Note for attendees of DevCon1: Intevation moved to new offices in 2008, which are around 5 minutes' walking distance from the ones where DevCon1 took place.

Accommodation:

Intevation will take care of hotel reservations. Please include your preferences with the expression of interest for attending.

How to attend:

Please let us know on the openvas-discuss mailing list or directly at openvas-devcon@intevation.de whether you would like to attend.

Event page: http://www.openvas.org/openvas-devcon2.html

Thursday, 26 June 2008

OWASP NYC AppSec 2008 Conference

Management, Developers, Security Professionals – can only result in one thing… better security.

http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference Sept 22nd-25th 2008