Pete Finnigan's Oracle security weblog /weblog/entries PeteFinnigan.com's weblog is the only weblog dedicated to Oracle security. en-gb Copyright PeteFinnigan.com Ltd 2005, All rights reserved. All trademarks are the property of their respective owners and are hereby acknowledged 2025-07-03T09:30:31Z Pete Finnigan (mailto:webmaster\@petefinnigan.com) Pete Finnigan (mailto:pete\@petefinnigan.com) Pete Finnigan's Oracle security weblog PeteFinnigan.com's weblog is the only weblog dedicated to Oracle security. Pete Finnigan's Oracle security weblog http://www.petefinnigan.com/images/company_logo_1.gif /weblog/entries Privilege Escalation from GRANT ANY ROLE to DBA - Or is it? /weblog/archives/00001599.htm Emad just made a blog post - Oracle 23ai Privilege Escalation From GRANT ANY ROLE to DBA Role - that shows how he escalated from GRANT ANY ROLE to DBA. There are some issues with his example but I will....<a href="/weblog/archives/00001599.htm">[Read More]</a> <p>Posted by Pete On 03/07/25 At 09:25 AM</p> Happy Anniversary to Saving Lives and My Degree and ACE Pro Membership /weblog/archives/00001598.htm Some brief news on Oracle and Security and personal news!! I was emailed a couple of weeks or so ago that I was awarded membership of the Oracle ACE program for now until end of May 2026 and yesterday I....<a href="/weblog/archives/00001598.htm">[Read More]</a> <p>Posted by Pete On 26/06/25 At 09:45 AM</p> A Brief History of PFCLScan - Database Security scanner /weblog/archives/00001597.htm This is a short history of our PFCLScan product and therefore also a history of the other apps now built on top of PFCLScan such as PFCLObfuscate , PFCLCode , PFCLForensics and more. Obviously after such a long time and....<a href="/weblog/archives/00001597.htm">[Read More]</a> <p>Posted by Pete On 15/05/25 At 10:15 AM</p> PeteFinnigan.com is now HTTPS /weblog/archives/00001596.htm It has been a long time coming but I have finally got this website running on HTTPS / SSL. Google have been pushing webmasters and site owners to move to HTTPS for more than 10 years. Google in fact stated....<a href="/weblog/archives/00001596.htm">[Read More]</a> <p>Posted by Pete On 13/05/25 At 02:07 PM</p> Embed Scripting Languages in PL/SQL Programs /weblog/archives/00001595.htm One of the goals of creating an interpreter written in PL/SQL to execute a custom language was for our use in our tools. We wanted to be able to ship PL/SQL and customise it after its deployed without re-compiling the....<a href="/weblog/archives/00001595.htm">[Read More]</a> <p>Posted by Pete On 14/04/25 At 12:11 PM</p> The search for existing encryption and wallets in the database /weblog/archives/00001594.htm In the first blog in this series we discussed the main issue with using DBMS_CRYPTO to encrypt data within the database. This is the lack of key management provided by Oracle natively for use with this package. I had intended....<a href="/weblog/archives/00001594.htm">[Read More]</a> <p>Posted by Pete On 07/04/25 At 01:25 PM</p> Encryption Key Management with DBMS_CRYPTO /weblog/archives/00001593.htm I often get asked how to use DBMS_CRYPTO to encrypt data in the Oracle database. Or I used to be asked how to use DBMS_OBFUSCATION_TOOLKIT when it was the go-to encryption in an Oracle database. Before we go far; this....<a href="/weblog/archives/00001593.htm">[Read More]</a> <p>Posted by Pete On 02/04/25 At 02:22 PM</p> Update on Oracle Security /weblog/archives/00001592.htm Just an update as I have not posted too many blogs recently. I have a bag log of blog ideas to write on technical subjects directly relating to Oracle security so please watch out for those by subscribing / following....<a href="/weblog/archives/00001592.htm">[Read More]</a> <p>Posted by Pete On 19/03/25 At 03:00 PM</p>