SQL Injection
SQL Injection Signatures Evasion
In recent years, Web application security has become a focal center for security experts. Application attacks are constantly on the rise, posing new risks for the organization. One of the ...
Written by: Ofer Maor and Amichai Shulman and added on March 16, 2011Detection of SQL Injection and Cross-site Scripting Attacks
In the last couple of years, attacks against the Web application layer have required increased attention from security professionals. This is because no matter how strong your firewall rulesets are ...
Written by: K. K. Mookhey, Nilesh Burghate and added on June 18, 2011Blindfolded SQL Injection
Until today, exploiting SQL server injection attacks depended on having the Web Server return detailed error messages or having any other source of information. As a result, many security administrators ...
Written by: Ofer Maor and Amichai Shulman and added on June 10, 2011SQL Server Email - vulnerability issues and prevention strategies
This paper will explore some of the ways this feature could be used by both legitimate users and intruders. Installation and configuration of the utility will be briefly described in ...
Written by: Frank Ress and added on May 8, 2011SQL Injection: Modes of attack, defense, and why it matters
SQL injection attacks represent a serious threat to any database-driven site. The methods behind an attack are easy to learn and the damage caused can range from considerable to complete ...
Written by: Stuart McDonald and added on Jan. 17, 2011Detection of SQL Injection and Cross-site Scripting Attacks
This article discusses techniques to detect SQL Injection and Cross Site Scripting (CSS) attacks against your networks. There has been a lot of discussion on these two categories of Web-based ...
Document added on May 22, 2011Detecting SQL Injection in Oracle
The main focus of this paper is to explore some simple techniques in extracting logging and trace data that could be employed for monitoring. The aim is to show the ...
Written by: Pete Finnigan and added on Feb. 12, 2011SQL Injection and Oracle, Part One
SQL injection techniques are an increasingly dangerous threat to the security of information stored upon Oracle Databases. These techniques are being discussed with greater regularity on security mailing lists, forums, ...
Written by: Pete Finnigan and added on April 18, 2011SQL Injection and Oracle, Part Two
This is the second part of a two-part article that will examine SQL injection attacks against Oracle databases. The first installment offered an overview of SQL injection and looked at ...
Written by: Pete Finnigan and added on April 29, 2011Blind SQL Injection
Introduction
The World Wide Web has experienced remarkable growth in recent years. Businesses, individuals, and governments have found that web applications can offer effective, efficient and reliable solutions to ...