SQL Injection Defenses

Martin Nystrom

March 26, 2007

Abstract

This short cut introduces you to how SQL injection vulnerabilities work, what makes applications vulnerable, and how to protect them. It helps you find your vulnerabilities with analysis and testing tools and describes simple approaches for fixing them in the most popular web-programming languages.

This short cut also helps you protect your live applications by describing how to monitor for and block attacks before your data is stolen.

Hacking is an increasingly criminal enterprise, and web applications are an attractive path to identity theft. If the applications you build, manage, or guard are a path to sensitive data, you must protect your applications and their users from this growing threat.

SQL Injection Defenses

Hacking is an increasingly criminal enterprise, and web applications are becoming an attractive path to identity theft. If the applications you build, manage, or guard provide access to sensitive data, this article aims to help you protect them. We'll start by explaining why you should care about these attacks, with some historical perspective. We'll go on to discuss how most web applications work, and describe how SQL queries are properly formed (and how they can be abused). With the basics under your belt, we'll move on to the attacks themselves—what ...
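The contrast the article draws between a properly formed query and one that can be abused is easiest to see side by side. The following is an added example, not code from the short cut itself: it builds a constructed in-memory SQLite table (the `users` table, the sample rows, and the function names are assumptions for illustration) and runs the same lookup twice, once with user input spliced into the SQL text and once with the input bound as a parameter, so you can see that only the concatenated version lets a crafted value change the query's meaning.

```python
import sqlite3


def make_db():
    """Create a constructed in-memory database with a small users table (sample data, not from the book)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [
            ("alice", "alice@example.com"),
            ("bob", "bob@example.com"),
            ("carol", "carol@example.com"),
        ],
    )
    conn.commit()
    return conn


def lookup_unsafe(conn, username):
    """Vulnerable form: the caller's string becomes part of the SQL text.

    Any quote characters in `username` are interpreted by the database as SQL
    syntax, so the WHERE clause no longer means what the developer wrote.
    """
    sql = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, username):
    """Hardened form: the SQL text is fixed and the input travels as a bound value.

    The database compiles the statement first and substitutes the parameter
    afterwards, so quotes in `username` are just data to compare against.
    """
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def compare(username):
    """Return (rows from the unsafe lookup, rows from the safe lookup) for one input."""
    conn = make_db()
    try:
        return lookup_unsafe(conn, username), lookup_safe(conn, username)
    finally:
        conn.close()


if __name__ == "__main__":
    # A benign lookup behaves the same either way.
    print("benign:", compare("bob"))
    # A tautology in the input makes the concatenated query match every row;
    # the parameterized query simply finds no user with that literal name.
    print("crafted:", compare("x' OR '1'='1"))
```

The fix the abstract refers to is exactly this change of data path: keep the SQL statement constant and pass every user-controlled value through the driver's parameter binding (the `?` placeholder in `sqlite3`; other drivers use `%s` or named parameters), never through string building.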
