Pete Finnigan

Subscribe to Pete Finnigan feed Pete Finnigan
PeteFinnigan.com's weblog is the only weblog dedicated to Oracle security.
Updated: 2 hours 43 min ago

Oracle TDE and Oracle ACE and Website

Thu, 2024-10-03 12:26
Firstly I was very pleased to announce that I have been made an Oracle ACE Pro again for the year to come. I just received the Oracle ACE tee shirt, polo shirt, jacket and of course the ACE Certificate. The....[Read More]

Posted by Pete On 03/10/24 At 10:44 AM

Categories: Security Blogs

What Should you do if your Oracle Database is Hacked or Breached?

Thu, 2024-09-19 18:46
It has been a while since my last blog post as we have been incredibly busy here with customers work, new versions of our products and from a personal point of view moving house. I just got an email from....[Read More]

Posted by Pete On 19/09/24 At 12:27 PM

Categories: Security Blogs

Passwords in Scripts and Environment Variables

Wed, 2024-08-28 18:06
There was a post a few days ago on LinkedIn by Johannes Michler about easily passing passwords to adop via a shell script when patching E-Business Suite. This script sets the password for the E-Business Suite APPS user, SYSTEM and....[Read More]

Posted by Pete On 28/08/24 At 09:24 AM

Categories: Security Blogs

Would you Pay to Speak at a Conference?

Wed, 2024-08-28 18:06
I was approached by a lady on LinkedIn a few weeks ago to ask me if I would speak at a conference in another country. I said that I was interested and asked for more details and importantly do they....[Read More]

Posted by Pete On 28/08/24 At 09:24 AM

Categories: Security Blogs

Searching Base64 Encoded text for a clear text string

Mon, 2024-08-12 19:26
I had an issue to solve where I needed to find if some base64 encoded text included a clear text string which was of course encoded in the source data. I needed to search hundreds of XML files where some....[Read More]

Posted by Pete On 12/08/24 At 07:50 AM

Categories: Security Blogs

Write An Interpreter in PL/SQL - Adding More Features

Thu, 2024-08-01 10:06
Just a short post about the PL/SQL parser and interpreter that I have been developing. As I have said in recent posts I am going to release a set of articles about the development of this interpreter in PL/SQL. I....[Read More]

Posted by Pete On 01/08/24 At 01:01 PM

Categories: Security Blogs

Can We Remove IF Statements from PL/SQL?

Fri, 2024-07-26 07:46
I like PL/SQL and I am always playing around with it or writing tools for use in security audits in PL/SQL or trying to do things that are not normal with PL/SQL such as writing an interpreter. One thing I....[Read More]

Posted by Pete On 26/07/24 At 09:22 AM

Categories: Security Blogs

Protect Your PL/SQL

Wed, 2024-07-24 19:06
Do you develop PL/SQL? Is your Oracle PL/SQL protected? My name is Pete Finnigan and in the next few minutes I will show you how you can protect you PL/SQL investment from theft. We can: Stop people stealing your ideas....[Read More]

Posted by Pete On 23/07/24 At 03:14 PM

Categories: Security Blogs

Extreme PL/SQL - An Interpreter for a Simple Language

Wed, 2024-07-17 22:26
I talked at a high level a few weeks ago about Extreme PL/SQL and gave a brief look at an interpreter I have been creating for a simple language based on BASIC. I have been keeping notes in a Word....[Read More]

Posted by Pete On 17/07/24 At 12:00 PM

Categories: Security Blogs

Can we Add C Style Pointers to PL/SQL?

Fri, 2024-06-28 21:26
In my last blog on Extreme PL/SQL I mentioned pointers in PL/SQL. PL/SQL does not support pointers or dynamic memory management in the same way that we can write in C code. In C code we can define a variable....[Read More]

Posted by Pete On 28/06/24 At 09:03 AM

Categories: Security Blogs

Can we Hack an Oracle APEX Application?

Wed, 2024-06-26 14:26
I talked recently about securing APEX and the different security angles that should be considered when securing data in application that is written using APEX and hosted in an Oracle database. There are multiple attack vectors from a web based....[Read More]

Posted by Pete On 28/05/24 At 09:35 AM

Categories: Security Blogs

Extreme PL/SQL

Wed, 2024-06-26 14:26
It has been a while since my last blog post here. I have not abandoned blogging. Over the last year and more I have blogged regularly and this is reflected in my Oracle ACE Pro contributions this last year. I....[Read More]

Posted by Pete On 25/06/24 At 10:04 AM

Categories: Security Blogs

Can We Add New Language Features to PL/SQL?

Wed, 2024-05-15 14:06
This is a thought experiment really but is possible to do with some efforts and in a more targeted way. I have coded in PL/SQL for around 29 years and it is one of my favourite languages along with C....[Read More]

Posted by Pete On 08/05/24 At 11:20 AM

Categories: Security Blogs

Locate an Error in Wrapped PL/SQL

Mon, 2024-03-18 08:46
I had a conversation a few weeks ago with someone who asked me how to find a missing table when you have a wrapped PL/SQL file and cannot see the source code and you install it and it gives an....[Read More]

Posted by Pete On 18/03/24 At 01:00 PM

Categories: Security Blogs

Attention PL/SQL Programmers - is your PL/SQL at risk of breach?

Wed, 2024-03-06 17:26
Do you develop software in PL/SQL? I will show you in the next few minutes how you can learn to find security vulnerabilities in your PL/SQL code Even if the database that your PL/SQL is deployed to is secure then....[Read More]

Posted by Pete On 06/03/24 At 09:45 AM

Categories: Security Blogs

How to Secure all of Your Oracle Databases - Part 1

Mon, 2024-02-19 16:26
How do you know how secure your Oracle databases are? How secure should your Oracle databases be? These are interesting questions that we will cover in this three part post. This first part is going to cover the high level....[Read More]

Posted by Pete On 19/02/24 At 01:43 PM

Categories: Security Blogs

Happy 21st Birthday to PeteFinnigan.com Limited

Mon, 2024-02-12 18:06
My company PeteFinnigan.com Limited is 21 years old today!! It seems that time has gone so fast. When I started the company my oldest son was a baby and now he is almost 22 years old and works here in....[Read More]

Posted by Pete On 12/02/24 At 11:28 AM

Categories: Security Blogs

Securing APEX

Tue, 2024-01-30 00:06
I have liked APEX for many years and been involved in auditing and securing Oracle databases that include APEX for many years. What surprises me sometimes is that those deploying and developing an APEX application treat it like a box....[Read More]

Posted by Pete On 29/01/24 At 03:35 PM

Categories: Security Blogs

Investigate an Oracle Database Breach

Tue, 2024-01-23 21:26
I have investigated a number of possible and later proved data breaches in Oracle databases over the years and more recently just before Christmas I was doing the same again for a client. I cannot talk about any specifics of....[Read More]

Posted by Pete On 23/01/24 At 02:35 PM

Categories: Security Blogs

Happy New Year for 2024

Wed, 2024-01-17 18:46
It has been a while since my last blog on the 29th December on the ACCESSIBLEBY Clause in PL/SQL . We had a well earned break after the New Year and myself, my wife and my youngest son visited New....[Read More]

Posted by Pete On 17/01/24 At 03:50 PM

Categories: Security Blogs

Pages