Auditing an Oracle database for security issues is very important. provides all of the information and tools that you will need Click here for details of Limited's detailed Oracle database security audit service Click here for details of Limited's Oracle Security Training Courses
Cookie Policy:We only use essential cookies on small sections of this website. For details see here.

Welcome, Guest. Please Login.
May 23rd, 2018, 11:36am
News: Welcome to Pete Finnigan's Oracle security forum
Home | Help | Search | Members | Login
   Pete Finnigan's Oracle Security Forum
   Oracle Security
   Oracle Security
(Moderator: Pete Finnigan)
   How about a Hack Attack platform?
« No topic | Next topic »
Pages: 1  Reply | Notify of replies | Send Topic | Print
   Author  Topic: How about a Hack Attack platform?  (Read 6316 times)
Marcel-Jan Junior Member

View Profile | WWW |

Gender: male
Posts: 83
How about a Hack Attack platform?
« on: Nov 5th, 2013, 11:13am »
Quote | Modify

Hi everyone (hears echo  Wink )
I'm currently giving an in-house Oracle database hacking training for my collegues at work. It's a lot of fun and it raises a lot of security awareness. It raises new questions too. I've had a lot of positive feedback for this training.
So I've been thinking. At the UKOUG 2011 I've attended a RAC Attack session ( e). RAC Attack is a free curriculum and platform for learning how to build a RAC cluster database.
So how about a Oracle Hack Attack? That would be a platform on which you can learn how to attack Oracle and then learn how to protect Oracle.
For example you could learn how to do port scans, network sniffing, password cracking and use exploits. This would be followed by an exercise in hardening the database, after which you try if the hack again to see the hardening had its effect.
IP Logged
Pete Finnigan Administrator

Oracle Security is easier if you design for it

View Profile | WWW | Email

Gender: male
Posts: 309
Re: How about a Hack Attack platform?
« Reply #1 on: Nov 11th, 2013, 1:08pm »
Quote | Modify

Hi Marcel-Jan,
Its a good idea but would need to be done right. The best approach would be to build a virtual box vm with perhaps XE on it and use that as the "host" to the study.
I would be happy to host it here on my site as a free download and also partner in terms of structuring whats in it, lessons, tools, how to secure etc / creating it.  
It could be simply a curriculum I guess with detailed installation instructions on build, setup, exploits etc.
let me know your thoughts
IP Logged

Pete Finnigan (
Oracle Security Web site:
Oracle security blog:
Pages: 1  Reply | Notify of replies | Send Topic | Print

« No topic | Next topic »

Powered by YaBB 1 Gold - SP 1.4!
Forum software copyright 2000-2004 Yet another Bulletin Board