Preventing SQL Injection

Posted on June 23rd, 2008 in iframes,sql injection by dglosser

A function that sanitizes all input data: http://isc.sans.org/diary.html?storyid=4615

How To Immune Your Web Application and Database From Such Automated Attacks:
http://www.bloombit.com/Articles/2008/05/ASCII-Encoded-Binary-String-Automated-SQL-Injection.aspx

Tip/Trick: Guard Against SQL Injection Attacks
http://weblogs.asp.net/scottgu/archive/2006/09/30/Tip_2F00_Trick_3A00_-Guard-Against-SQL-Injection-Attacks.aspx

Stopping SQL Injection and Crossing Over Cross-site Scripting
http://securitymasala.files.wordpress.com/2007/11/mano_paul_sqlinjandxss_catalyst_eu.pdf

Detection, defense, and identifying possible coding which may be exploited by an attacker:
http://www.microsoft.com/technet/security/advisory/954462.mspx

Stop SQL Injection Attacks Before They Stop You
http://msdn.microsoft.com/en-us/magazine/cc163917.aspx

SQL Injection Attacks by Example
http://www.unixwiz.net/techtips/sql-injection.html

Finding SQL Injection with Scrawlr: http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2008/06/23/finding-sql-injection-with-scrawlr.aspx

Here are some good articles on SQL Injection attacks and some tips on how to prevent them (watch wrap):

http://www.securiteam.com/securityreviews/5DP0N1P76E.html

http://www.codeproject.com/KB/database/SqlInjectionAttacks.aspx

http://blogs.technet.com/neilcar/archive/2008/03/14/anatomy-of-a-sql-injection-incident.aspx

http://blogs.technet.com/neilcar/archive/2008/03/15/anatomy-of-a-sql-injection-incident-part-2-meat.aspx

http://weblogs.asp.net/scottgu/archive/2006/09/30/Tip_2F00_Trick_3A00_-Guard-Against-SQL-Injection-Attacks.aspx
