{Carrer web log} ←

What is SQL Injection? Learn more about Sql injection and prevention techniques with ASP, ASP.NET, PHP, ColdFusion

Wednesday, June 21, 2006 { 1 Comments }

“SQL Injection is a technique which enables an attacker to execute unauthorized SQL commands by taking advantage of unsanitized input opportunities in Web applications building dynamic SQL queries.” –Wikipedia

There are some useful links that will help you to learn more about Sql injection:


General links:

http://en.wikipedia.org/wiki/SQL_Injection

http://en.wikipedia.org/wiki/Sql_injection

http://www.unixwiz.net/techtips/sql-injection.html

http://www.imperva.com/application_defense_center/white_papers


PDF Articles:
http://www.spidynamics.com/

http://www.ngssoftware.com/

http://www.appsecinc.com



PHP
http://en.wikibooks.org/wiki/Programming:PHP:SQL_Injection

http://shiflett.org/articles/security-corner-apr2004

http://dev.mysql.com/




ASP
http://www.4guysfromrolla.com/webtech/061902-1.shtml

http://www.sitepoint.com/article/sql-injection-attacks-safe

http://msdn.microsoft.com/

http://www.nextgenss.com/



ASP.NET
http://msdn.microsoft.com/

http://www.developer.com


Cold Fusion
http://www.forta.com

http://www.adobe.com

1 Responses to “What is SQL Injection? Learn more about Sql injection and prevention techniques with ASP, ASP.NET, PHP, ColdFusion”

1. //  Jeffrey // 5/03/2007

   Regarding .NET and SQL, see:
   
   http://weblogs.sqlteam.com/jeffs/archive/2006/07/21/10728.aspx
   
   the key is, you don't have to do ANYTHING to avoid SQL Injection if you simply use best practices and use parameters.  

Post a Comment

<< Home