Vim for SQL lite ⌘ Read more
SQL Injection Leads to dump the Student PII ⌘ Read more
ProcessOne: 🚀 ejabberd 25.10
Release Highlights:
If you are upgrading from a previous version, there are no mandatory changes in SQL schemas, configuration, API commands or hooks.
Other contents:
- **[New option
archive_muc_as_mucsubinmod_mam]( … ⌘ Read more
Simple, minimal SQL database migrations written in Go with generics. Std lib database/sql and SQLX supported OOTB
I built GoSMig for personal projects and open-sourced it. It’s a tiny library for writing migrations in Go (compile-time checks via generics). Supports both transactional and non-transactional steps, rollback, status/version commands, and a built-in CLI handler so you can ship your own tool.
- Zero dependencies (std lib; golang.org/x/term used for pager support)
- database/sql and sqlx supported out of the box, others w … ⌘ Read more
When I’m asked to create a SQL user for the new hire ⌘ Read more
When my SQL query goes from 10 seconds to 200ms ⌘ Read more
How I Mastered Blind SQL Injection With One Simple Method
Transforming my web security skills by learning to listen to a silent database
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-mastered-blind-sql-injection-w … ⌘ Read more
The Critical $1000 Bug:(blind SQL injection) ⌘ Read more
SQHell: Manually hunting SQL injection with detailed explanation ⌘ Read more
↳
In-reply-to
»
is it normal for my yarn pod mentions tab to be totally empty because it's been like this from the start
⤋ Read More
@kat@yarn.girlonthemoon.xyz @kat@yarn.girlonthemoon.xyz Pretty sure I have many more mentions in the database than the one and only one I see hmmm 🤔 – I’ll have a look at the code when I can and the SQL query it’s using
How Reladiff Works - A Journey Through the Challenges and Techniques of Data Engineering with SQL
Comments ⌘ Read more
AI-Powered SQLMap: Smarter SQL Injection Testing Guide ⌘ Read more
Exploiting Unsanitized URL Handling & SQL Injection via Deep Links in iOS App: Write-up of Flipcoin ⌘ Read more
Open Source SQL Workbench Says “No Republicans Allowed!”
The Apache licensed SQL query tool says Republicans (and many others) are not welcome to use their software due to “despicable politics” and “contempt for human rights.” ⌘ Read more
Mastering SQL Injection Recon: Step-by-Step Guide for Bug Bounty Hunters
A practical guide to uncovering SQL injection flaws using automation, payloads and deep reconnaissance techniques.
[Continue reading … ⌘ Read more
$4,500 Bounty: SQL Injection in WordPress Plugin Leads to PII Exposure at Grab
How a Plugin Preview Feature Exposed User Data and Nearly Enabled Admin Dashboard Pivoting
[Continue reading on Info … ⌘ Read more
Millions of Records Exposed via SQL Injection in a Tamil Nadu Government Portal ⌘ Read more
** How Hackers Bypass Login Pages with SQL, Logic Flaws, and Headers **
Welcome to the underworld of cybersecurity! 🌐 In this blog, we dive deep into how hackers bypass login pages — the digital gatekeepers of…
[Continue rea … ⌘ Read more
↳
In-reply-to
»
Also spent the morning continuing to think about a new design for EdgeGuard's WAF. I'm basically going to build an entirely new pluggable WAF that will be designed to only consider Rate Limiting, IP/ASN-based filtering, JavaScript challenge handling, Basic behavioral analysis and Anomaly detection.
⤋ Read More
One thing about my design here is that it would no longer incorporate “regex”-based rules like OWASP, mostly because my experience thus far has taught me that these rules are kind of overly sensitive, produce false positives and I’m not sure they are really very effective. For example, why is the point of performing SQL injection detection at the Edge using a WAF if you already handle SQL properly in the first place? (seriously does anyone still construct SQL queries by hand with effectively printf?!)
A Guide to SQL Injection Attacks: Hackers Don’t Want You to Know This!
Imagine your website as a big toy box filled with treasures — like user info, passwords, or blog posts — and you’ve got a robot helper…
[Contin … ⌘ Read more
Time-Based Blind SQL Injection: “Hack the Clock” ⌘ Read more
↳
In-reply-to
»
Test
⤋ Read More
I was trying to optimize the SQL query used for the Compact FrontPage (anonymous view for Discovery when the Admin/Operator chooses “one twt per feed”).
ProcessOne: ejabberd 25.03
Release Highlights:
- Matrix Gateway Gets Room Support
- Multiple Simultaneous Password Types
- Execute API Commands Using XMPP Client
If you are upgrading from a previous version, please check the [changes in SQL schemas](https://www.process-one … ⌘ Read more
SQL scares me i tweaked a bash script that pulled from a DB and the bash part was easy even if i was just going off of the code in there that i didn’t write (like i understood it at least) but the SQL parts had me suffering
@lyse@lyse.isobeef.org OK. So how I have worked things like this out is to have the interface in the root package from the implementations. The interface doesn’t need to be tested since it’s just a contract. The implementations don’t need to import storage.Storage
- storage/ defines the
Storageinterface (no tests!)
- storage/sqlite for the sqlite implementation tests for sqlite directly
- storage/ram for the ram implementation and tests for RAM directly
- storage/sqlite for the sqlite implementation tests for sqlite directly
- controller/ can now import both storage and the implementation as needed.
So now I am guessing you wanted the RAM test for testing queries against sqlite and have it return some query response?
For that I usually would register a driver for SQL that emulates sqlite. Then it’s just a matter of passing the connection string to open the registered driver on setup.
https://github.com/glebarez/go-sqlite?tab=readme-ov-file#connection-string-examples
I Went to SQL Injection Court
Article URL: https://sockpuppet.org/blog/2025/02/09/fixing-illinois-foia/
Comments URL: https://news.ycombinator.com/item?id=43175628
Points: 504
# Comments: 191 ⌘ Read more
https://www.sqlclimber.com/home Online Interactive #SQL Course
I share I did write up an algorithm for it at some point I think it is lost in a git comment someplace. I’ll put together a pseudo/go code this week.
Super simple:
Making a reply:
- If yarn has one use that. (Maybe do collision check?)
- Make hash of twt raw no truncation.
- Check local cache for shortest without collision
- in SQL:
select len(subject) where head_full_hash like subject || '%'
- in SQL:
Threading:
- Get full hash of head twt
- Search for twts
- in SQL:
head_full_hash like subject || '%' and created_on > head_timestamp
- in SQL:
The assumption being replies will be for the most recent head. If replying to an older one it will use a longer hash.
SQL simplifies TSDB – how to migrate from InfluxQL to SQL
Member post originally published on Greptime’s blog by tison This article introduced the differences between InfluxQL, Flux, and SQL as query languages. SQL is a more common and general language for querying time series data, making migrating from… ⌘ Read more
https://drawdb.vercel.app/ database design tool and SQL generator
ProcessOne: ejabberd 23.04
This new ejabberd 23.04 release includes many improvements and bug fixes, as well as some new features.
- Many SQL database improvements
mod_mamsupport for XEP-0425: Message Moderation
- New
mod_muc_rtbl, Real-Time Block List for MUC rooms
- Binaries useErlang/OTP 25.3, and changes in containers
A more detailed explanatio … ⌘ Read more
💻 Issue 400 - ScalaSql: a New SQL Database Query Library for the com-lihaoyi Scala Ecosystem ⌘ Read more
ProcessOne: ejabberd 22.10
This ejabberd 22.10 release includes six months of work, over 140 commits, including relevant improvements in MIX, MUC, SQL, and installers, and bug fixes as usual.
This version brings support for latest MIX protocol version, and significantly improves detection and recovery of SQL connection issues.
There are no breaking changes in SQL schem … ⌘ Read more
ProcessOne: ejabberd 23.04
This new ejabberd 23.04 release includes many improvements and bug fixes, as well as some new features.
- Many SQL database improvements
mod_mamsupport for XEP-0425: Message Moderation
- New
mod_muc_rtbl, Real-Time Block List for MUC rooms
- Binaries useErlang/OTP 25.3, and changes in containers
A more detailed explanatio … ⌘ Read more
ProcessOne: ejabberd 23.04
This new ejabberd 23.04 release includes many improvements and bug fixes, as well as some new features.
- Many SQL database improvements
mod_mamsupport for XEP-0425: Message Moderation
- New
mod_muc_rtbl, Real-Time Block List for MUC rooms
- Binaries useErlang/OTP 25.3, and changes in containers
A more detailed explanatio … ⌘ Read more
Prosodical Thoughts: Prosody 0.12.3 released
We are pleased to announce a new minor release from our stable branch.
This is a bugfix release for our stable 0.12 series. Most notably, it fixes a
regression for SQL users introduced in 0.12.2, and a separate long-standing
compatibility issue with archive stores on certain MySQL/MariaDB versions.
It also fixes an issue with websockets discovered by the Jitsi team, some
issues with our internal HTTP client API, and we’ve improved the accuracy of
‘prosodyctl check dns’ in … ⌘ Read more
The CIA invests in these Tech companies
Video games. Search engines. Social Media. Open Source. Even SQL databases. Seriously. ⌘ Read more
Bitwarden Unified
Bitwarden (my favorite and recommended password manager) is offering a “new deployment option”. This new option combines all microservices into a single Docker container and doesn’t require 11 different containers anymore. And it supports PostgreSQL and MariaDB in addition to MS SQL. ⌘ Read more
it uses the queries you define for add/del/set/keys. which corrispond to something like INSERT INTO <table> (key, value) VALUES ($key, $value), DELETE ..., or UPDATE ...
the commands are issued by using the maddycli but not the running maddy daemon.
see https://maddy.email/reference/table/sql_query/
the best way to locate in source is anything that implements the MutableTable interface… https://github.com/foxcpp/maddy/blob/master/framework/module/table.go#L38
ProcessOne: ejabberd 22.10
This ejabberd 22.10 release includes six months of work, over 140 commits, including relevant improvements in MIX, MUC, SQL, and installers, and bug fixes as usual.
This version brings support for latest MIX protocol version, and significantly improves detection and recovery of SQL connection issues.
There are no breaking changes in SQL schem … ⌘ Read more