SQL injection attacks and defense [electronic resource] / Justin Clarke, lead author and technical editor ; [contributing authors], Rodrigo Marcos Alvarez ... [et al.].Material type: TextPublisher: Burlington, MA : Syngress Pub., c2009Description: 1 online resource (xix, 473 p.) : illISBN: 9781597494243; 1597494240Subject(s): Computer security | SQL (Computer program language)Genre/Form: Electronic books.Additional physical formats: Print version:: SQL injection attacks and defense.DDC classification: 005.8 LOC classification: QA76.9.A25 | C53 2009Online resources: ScienceDirect
SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information to turn to for help. This is the only book devoted exclusively to this long-established but recently growing threat. It includes all the currently known information about these attacks and significant insight from its contributing team of SQL injection experts. What is SQL injection?-Understand what it is and how it works Find, confirm, and automate SQL injection discovery Discover tips and tricks for finding SQL injection within the code Create exploits using SQL injection Design to avoid the dangers of these attacks.
Chapter 1: What is SQL Injection? -- Chapter 2: Testing for SQL Injection -- Chapter 3: Reviewing Code for SQL Injection -- Chapter 4: Exploiting SQL Injection -- Chapter 5: Blind SQL Injection Exploitation -- Chapter 6: Exploiting the Operating System -- Chapter 7: Advanced Topics -- Chapter 8: Code-Level Defenses -- Chapter 9: Platform-Level Defenses -- Chapter 10: References.
Description based on print version record.