History Of Hacking prt 5 By CEO of TIA

Somewhere in the book of history, back in the days, when hackers were actually hackers, many things happened, good and bad, for better or worse.

The year was 1998, a well renowned ethical hacker and a cybersecurity researcher named Jeff Forristal, known by his alias "RFP (Rain Forest Puppy)". RFP was already recognized for his significant contributions to web security in its early days.

RFP is documented to have performed the firs SQL Injection attack ever, which since then, emerged as a critical attack and still nowadays one of the top three most critical and most paid attack in the world of bounty hunting.

SQL stands for "Structured Query Language", it is a programming language to manage databases, receive requests from clients/viewers and deliver relevant responses.

Whereas SQL Injection attacks aimed to "inject" malicious SQL queries into the targeted application tricking/forcing the server/system into revealing private and sensitive information from within the protected and private areas of the database.

RFP's first target of SQL Injection was never published, rather, remained unnamed in the documentation as Forristal's intent was not to compromise sensitive data maliciously or cause any harm to his target, in fact his intent was only to highlight a growing security flaw in how developers handle and manage databases and sensitive information.

RFP was not arrested for discovering and executing the first SQL Injection attack, in fact, as an ethical hacker, his actions were part of a responsible disclosure. He reported his findings to the affected parties and to the whole security community as well, which helped enhance the global security of web applications in general and raise awareness against such vulnerabilities and the best techniques to mitigate them.

... But then, years later, "skiddies" happened...

(stay tuned for part 6)

By Elie Ghabash

‍