As I did a code hacking demo on one of our events hacking an application through a SQL Injection attack and getting control of the whole machine through xp_cmdshell and netcat I have got many questions about the tools and how-tos from customers for security penetration tests (although doing this test alone is definitely not enough).

Although it’s easy finding tools like netcat.exe in web and port scanners or port mappers, it’s very easy writing the tools on your own. Just take a look at the following book called Code Hacking … really cool very interesting stuff.