SQL Injection Attacks and Defense book cover

SQL Injection Attacks and Defense

Winner of the Best Book Bejtlich Read in 2009 award!

"SQL injection is probably the number one problem for any server-side application, and this book is unequaled in its coverage." Richard Bejtlich, http://taosecurity.blogspot.com/

SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information to turn to for help. This is the only book devoted exclusively to this long-established but recently growing threat. It includes all the currently known information about these attacks and significant insight from its contributing team of SQL injection experts.


Penetration testers, IT security consultants and practitioners, and web/software developers


Published: May 2009

Imprint: Syngress

ISBN: 978-1-59749-424-3


  • "With SQL Injection Attacks and Defense penetration testers now have a resource to fill in the gaps between all of the scattered tutorials on the Internet. Learn to recognize and take advantage of SQL injection flaws of all varieties on all platforms."--Devon Kearns, IS Security Analyst


  • Chapter 1: What is SQL Injection?
    Chapter 2: Testing for SQL Injection
    Chapter 3: Reviewing Code for SQL Injection
    Chapter 4: Exploiting SQL Injection
    Chapter 5: Blind SQL Injection Exploitation
    Chapter 6: Exploiting the Operating System
    Chapter 7: Advanced Topics
    Chapter 8: Code-Level Defenses
    Chapter 9: Platform-Level Defenses
    Chapter 10: References


advert image