SQL Injection Attacks and Defense, Second Edition

9h 48m
Justin Clarke, et al.
Elsevier Science and Technology Books, Inc.
2012

SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information available for penetration testers, IT security consultants and practitioners, and web/software developers to turn to for help.

SQL Injection Attacks and Defense, Second Edition is the only book devoted exclusively to this long-established but recently growing threat. This is the definitive resource for understanding, finding, exploiting, and defending against this increasingly popular and particularly destructive type of Internet-based attack.

SQL Injection Attacks and Defense, Second Edition includes all the currently known information about these attacks and significant insight from its team of SQL injection experts, who tell you about:

Understanding SQL Injection - Understand what it is and how it works
Find, confirm and automate SQL injection discovery
Tips and tricks for finding SQL injection within code
Create exploits for using SQL injection
SQL injection on different databases
SQL injection on different technologies
SQL injection testing techniques
Case Studies

Securing SQL Server, Second Edition is the only book to provide a complete understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures.
Covers unique, publicly unavailable information, by technical experts in such areas as Oracle, Microsoft SQL Server, and MySQL---including new developments for Microsoft SQL Server 2012 (Denali).
Written by an established expert, author, and speaker in the field, with contributions from a team of equally renowned creators of SQL injection tools, applications, and educational materials.

About the Author

Justin Clarke (CISSP, CISM, CISA, MCSE, CEH) is a cofounder and executive director of Gotham Digital Science, based in the United Kingdom. He has over ten years of experience in testing the security of networks, web applications, and wireless networks for large financial, retail, and technology clients in the United States, the United Kingdom and New Zealand.

In this Book

Introduction to the 2nd Edition
What is SQL Injection?
Testing for SQL Injection
Reviewing Code for SQL Injection
Exploiting SQL Injection
Blind SQL Injection Exploitation
Exploiting the Operating System
Advanced Topics
Code-Level Defenses
Platform Level Defenses
Confirming and Recovering from SQL Injection Attacks
References

FREE ACCESS

Course OWASP Top 10: A01:2021-Broken Access Control

(276)

Journey Web App Vulnerability Analyst - 2022 Update

(1)

Course Secure Programmer: Vulnerabilities

(186)

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills & Salary Report

ESG Impact Report

SQL Injection Attacks and Defense, Second Edition

In this Book

YOU MIGHT ALSO LIKE