SQL Injection Attacks and Defense - Justin Clarke-Salt

SQL Injection Attacks and Defense

Buch | Softcover
576 Seiten
2012 | 2nd edition
Syngress Media,U.S. (Verlag)
978-1-59749-963-7 (ISBN)
54,85 inkl. MwSt
Offers an understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures. This title includes information about these attacks and significant insight from its team of SQL injection experts, who tell you about: understanding SQL Injection, what it is and how it works.
SQL Injection Attacks and Defense, First Edition: Winner of the Best Book Bejtlich Read Award

"SQL injection is probably the number one problem for any server-side application, and this book unequaled in its coverage." –Richard Bejtlich, Tao Security blog

SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information available for penetration testers, IT security consultants and practitioners, and web/software developers to turn to for help.

SQL Injection Attacks and Defense, Second Edition is the only book devoted exclusively to this long-established but recently growing threat. This is the definitive resource for understanding, finding, exploiting, and defending against this increasingly popular and particularly destructive type of Internet-based attack.

SQL Injection Attacks and Defense, Second Edition includes all the currently known information about these attacks and significant insight from its team of SQL injection experts, who tell you about:



Understanding SQL Injection – Understand what it is and how it works
Find, confirm and automate SQL injection discovery
Tips and tricks for finding SQL injection within code
Create exploits for using SQL injection
Design apps to avoid the dangers these attacks
SQL injection on different databases
SQL injection on different technologies
SQL injection testing techniques
Case Studies

Justin Clarke (CISSP, CISM, CISA, MCSE, CEH) is a cofounder and executive director of Gotham Digital Science, based in the United Kingdom. He has over ten years of experience in testing the security of networks, web applications, and wireless networks for large financial, retail, and technology clients in the United States, the United Kingdom and New Zealand.

1. Introduction 2. History of SQL Injection 3. Understanding SQL Injection 4. SQL Injection on Different Databases 5. SQL Injection on Different Technologies 6. SQL Injection Testing Techniques 7. Defenses 8. Case Studies

Appendices – SQL Injection Cheat Sheet

Zusatzinfo 16 illustrations; Illustrations
Verlagsort Rockland, MA
Sprache englisch
Maße 191 x 235 mm
Gewicht 1140 g
Themenwelt Informatik Datenbanken SQL Server
ISBN-10 1-59749-963-3 / 1597499633
ISBN-13 978-1-59749-963-7 / 9781597499637
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich