Career
Litchfield has found hundreds of vulnerabilities in many popular products, the most outstanding of them in products by Microsoft, Oracle and International Business Machines Corporation. At the Black Hat Security Briefings in July 2002 he presented exploit code to demonstrate a buffer overflow vulnerability he had discovered in Microsoft's SQL Server 2000. Six months later, on 25 January 2003, persons unknown used the code as the template for the SQL Slammer worm. After several years in vulnerability research, Litchfield moved into Oracle forensics and has documented how to perform a forensic analysis of a compromised database server in a series of white papers, Oracle Forensics Parts 1 to 6.
He is in the process of researching and developing an open source tool called the Forensic Examiner's Database Scalpel (FEDS).
Litchfield founded a company named Cerberus Information Security, which was acquired by @stake in July 2000. A year and a half later he founded Next Generation Security Software with five colleagues from @stake.
He is the author of various software packages, and also of many technical documents on security issues. He is the author of the Oracle Hacker's Handbook and is a co-author of the Database Hacker's Handbook, the Shellcoder's Handbook and SQL Server Security.
He was also a contributing author for Special Operations
David Litchfield is currently employed by Datacom Technical Security Services.