It's all about timing

Presentation by Haroon Meer and Marco Slaviero at Black Hat USA in 2007.

This presentation is about timing attacks against web applications. Squeeza, a SQLi tool developed by Marco Slaviero that returns data through various channels (DNS, timing, HTTP error messages), is introduced. An attack called Cross-site request timing is also discussed.