SQL Injection - Attacks And Defense

SQL injection is one of the most popular web attacks the security world has witnessed since the Internet came into being. To this day it remains one of the less understood vulnerabilities from a web security perspective, as the growing number of SQL injection attacks indicates.
This book sets out to address those shortcomings and present the real facts about the insecurities surrounding SQL injection.

Here is the table of contents:
  1. Chapter 1: What is SQL Injection?
  2. Chapter 2: Testing for SQL Injection
  3. Chapter 3: Reviewing Code for SQL Injection
  4. Chapter 4: Exploiting SQL Injection
  5. Chapter 5: Blind SQL Injection Exploitation
  6. Chapter 6: Exploiting the Operating System
  7. Chapter 7: Advanced Topics
  8. Chapter 8: Code-Level Defenses
  9. Chapter 9: Platform-Level Defenses
  10. Chapter 10: References

The book starts by describing various SQL injection attack scenarios from different angles, covering multiple operating systems. It also covers the different types of SQL injection attacks in detail, which makes them easy to understand. The rest of the book deals with defenses at different levels, from development to deployment. Chapter 8 explains static analysis of code, using tools to identify and prevent SQL injection vulnerabilities at the root. Chapter 9 focuses on putting up defenses on different operating systems and for various types of databases, including MsSQL, MySQL, Oracle, etc.
Compared to any of the books produced so far, this book does real justice to the subject by comprehensively explaining both sides of the game: attacking with and defending against SQL injection.



About Me

Saint Andrew is a computer science student. Saint Andrew is a founder of the blog Saint Andrew's Hacking Paradise.

His mission, and the aim of this blog, is to make the reader aware of the existing threats and describe them in a comprehensible way.

"Saint Andrew's Hacking Paradise" is a place to Learn, Understand and Explore the facts of computer technology.


© 2011 Saint Andrew's Hacking Paradise
