RSS feed logo header graphic

Black Hat Webcast No. 6

Database Forensiscs with David Litchfield

Thursday, December 18 1:00 pm PST/4:00 pm ET • FREE


  • Jeff Moss, Founder and Director of Black Hat
  • David Litchfield, NGS Security


Database Forensics expert David Litchfield will discuss his new tool and paper with Black Hat Founder and Director Jeff Moss and take questions from our webcast audience. The tool, orablock, allows a forensic investigator to dump data from a "cold" Oracle data file - i.e. there's no need to load up the data file in the database which would cause the data file to be modified, so using orablock preserves the evidence. Orablock can also be used to locate "stale" data - i.e. data that has been deleted or updated. It can also be used to dump SCNs for data blocks which can be useful during the examination of a compromised Oracle box.

David Litchfield

David Litchfield specializes in searching for new threats to database systems and web applications. He has lectured to both British and U.S. government security agencies on database security and is a regular speaker at the Blackhat Security Briefings. He is a co-author of "The Database Hacker's Handbook", "The Shellcoder's Handbook", "SQL Server Security", and "Special Ops". In his spare time he is the Managing Director of Next Generation Security Software Ltd.

Black Hat Webcasts

Black Hat Social

About Black Hat | Privacy Policy | Sponsorship Inquiry | DEFCON | Black Hat Main RSS Feed