Database fingerprinting & reconnaissance


Database fingerprinting is the process of 'feeling out' a database using SQL to gather more information to be able to perform a more successful attack. The hacker performs basic interrogation such as finding out the database version and type e.g. Oracle or MYSQL. This might be done using direct queries or forcing and analyzing error messages. The hacker might also make an educated guess in finding table names e.g. finding the 'Users' or 'Admin' tables. In turn this can then lead into identifying fields for Username, Email address and Password.

Research
Hacker’s Almanac Series I: The Threat Actors

Hacker’s Almanac Series I: The Threat Actors

This is part one of a three part field guide to understanding cybercriminals/threat actors and their tactics, techniques and procedures.

Read more
Research
Hacker’s Almanac Series II: Tactics, Techniques and Procedures

Hacker’s Almanac Series II: Tactics, Techniques and Procedures

This is part two of a three part field guide to understanding cybercriminals/threat actors and their tactics, techniques and procedures.

Read more

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support

Get Social

Connect with experts and join the conversation about Radware technologies.

Radware Blog
Security Research Center