0
SQL Injection Attacks and Defense
1st Edition
Authors:
Justin Clarke-Salt
Justin Clarke-Salt
eBook ISBN: 9780080958576
Paperback ISBN: 9781597494243
Imprint: Syngress
Published Date: 13th May 2009
Page Count: 496
Description
Winner of the Best Book Bejtlich Read in 2009 award!
"SQL injection is probably the number one problem for any server-side application, and this book is unequaled in its coverage." Richard Bejtlich, http://taosecurity.blogspot.com/
SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information to turn to for help. This is the only book devoted exclusively to this long-established but recently growing threat. It includes all the currently known information about these attacks and significant insight from its contributing team of SQL injection experts.
Key Features
- What is SQL injection?-Understand what it is and how it works
- Find, confirm, and automate SQL injection discovery
- Discover tips and tricks for finding SQL injection within the code
- Create exploits using SQL injection
- Design to avoid the dangers of these attacks
Readership
Penetration testers, IT security consultants and practitioners, and web/software developers
Table of Contents
Chapter 1: What is SQL Injection?
Chapter 2: Testing for SQL Injection
Chapter 3: Reviewing Code for SQL Injection
Chapter 4: Exploiting SQL Injection
Chapter 5: Blind SQL Injection Exploitation
Chapter 6: Exploiting the Operating System
Chapter 7: Advanced Topics
Chapter 8: Code-Level Defenses
Chapter 9: Platform-Level Defenses
Chapter 10: References
Details
- No. of pages:
- 496
- Language:
- English
- Copyright:
- © Syngress 2009
- Published:
- 13th May 2009
- Imprint:
- Syngress
- eBook ISBN:
- 9780080958576
- Paperback ISBN:
- 9781597494243
About the Author
Justin Clarke-Salt
Justin Clarke (CISSP, CISM, CISA, MCSE, CEH) is a cofounder and executive director of Gotham Digital Science, based in the United Kingdom. He has over ten years of experience in testing the security of networks, web applications, and wireless networks for large financial, retail, and technology clients in the United States, the United Kingdom and New Zealand.
Affiliations and Expertise
Justin Clarke(CISSP, CISM, CISA, MCSE, CEH) is a cofounder and executive director of Gotham Digital Science, based in the United Kingdom. He has over ten years of experience in testing the security of networks, web applications, and wireless networks for large financial, retail, and technology clients in the United States, the United Kingdom and New Zealand.
Justin Clarke-Salt
Justin Clarke (CISSP, CISM, CISA, MCSE, CEH) is a cofounder and executive director of Gotham Digital Science, based in the United Kingdom. He has over ten years of experience in testing the security of networks, web applications, and wireless networks for large financial, retail, and technology clients in the United States, the United Kingdom and New Zealand.
Affiliations and Expertise
Justin Clarke(CISSP, CISM, CISA, MCSE, CEH) is a cofounder and executive director of Gotham Digital Science, based in the United Kingdom. He has over ten years of experience in testing the security of networks, web applications, and wireless networks for large financial, retail, and technology clients in the United States, the United Kingdom and New Zealand.
Reviews
"With SQL Injection Attacks and Defense penetration testers now have a resource to fill in the gaps between all of the scattered tutorials on the Internet. Learn to recognize and take advantage of SQL injection flaws of all varieties on all platforms." --Devon Kearns, IS Security Analyst
Ratings and Reviews
Request Quote
Tax Exemption
We cannot process tax exempt orders online. If you wish to place a tax exempt order
please contact us.