| Edition |
[2nd ed.]. |
| Description |
1 online resource |
|
text txt rdacontent |
|
computer c rdamedia |
|
online resource cr rdacarrier |
| Summary |
SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information available for penetration testers, IT security consultants and practitioners, and web/software developers to turn to for help. SQL Injection Attacks and Defense, Second Edition is the only book devoted exclusively to this long-established but recently growing threat. This is the definitive resource for understanding, finding, exploiting, and defending against this increasingly popular and particularly destructive type of Internet-based attack. SQL Injection Attacks and Defense, Second Edition includes all the currently known information about these attacks and significant insight from its team of SQL injection experts, who tell you about: Understanding SQL Injection - Understand what it is and how it works Find, confirm and automate SQL injection discovery Tips and tricks for finding SQL injection within code Create exploits for using SQL injection Design apps to avoid the dangers these attacks SQL injection on different databases SQL injection on different technologies SQL injection testing techniques Case Studies Securing SQL Server, Second Edition is the only book to provide a complete understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures. Covers unique, publicly unavailable information, by technical experts in such areas as Oracle, Microsoft SQL Server, and MySQL---including new developments for Microsoft SQL Server 2012 (Denali). Written by an established expert, author, and speaker in the field, with contributions from a team of equally renowned creators of SQL injection tools, applications, and educational materials. |
| Bibliography |
Includes bibliographical references and index. |
| Contents |
What is SQL injection? -- Testing for SQL injection -- Reviewing code for SQL injection -- Exploiting SQL injection -- Blind SQL injection exploitation -- Exploiting the operating system -- Advanced topics -- Code-level defenses -- Platform level defenses -- Confirming and recovering from SQL injection attacks -- References. |
| Subject |
Computer security.
|
|
Computer networks -- Security measures.
|
|
Application software -- Security measures.
|
|
SQL (Computer program language)
|
|
Sécurité informatique.
|
|
Réseaux d'ordinateurs -- Sécurité -- Mesures.
|
|
Logiciels d'application -- Sécurité -- Mesures.
|
|
SQL (Langage de programmation)
|
|
Computer networks -- Security measures
|
|
Computer security
|
|
SQL (Computer program language)
|
| Other Form: |
Print version: 9781597499637 (OCoLC)792877559 |
| ISBN |
9781597499637 (electronic bk.) |
|
1597499633 (electronic bk.) |
|
9781597499736 |
|
1597499730 |
| Standard No. |
9786613720139 |
|
AU@ 000050015329 |
|
AU@ 000050491970 |
|
AU@ 000053284616 |
|
AU@ 000060073017 |
|
CHBIS 007612510 |
|
CHNEW 001010637 |
|
CHVBK 185491901 |
|
DEBBG BV041119740 |
|
DEBBG BV042305226 |
|
DEBSZ 396676235 |
|
DEBSZ 405344104 |
|
DKDLA 820120-katalog:000588997 |
|
NZ1 14402739 |
|
