- Paperback: 474 pages
- Publisher: Syngress; 1st edition (May 15, 2009)
- Language: English
- ISBN-10: 1597494240
- ISBN-13: 978-1597494243
- Product Dimensions: 7.5 x 1 x 9.2 inches
- Shipping Weight: 2.1 pounds
- Average Customer Review: 18 customer reviews
- Amazon Best Sellers Rank: #1,618,587 in Books
SQL Injection Attacks and Defense 1st Edition
"With SQL Injection Attacks and Defense penetration testers now have a resource to fill in the gaps between all of the scattered tutorials on the Internet. Learn to recognize and take advantage of SQL injection flaws of all varieties on all platforms." --Devon Kearns, IS Security Analyst
From the Back Cover
SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information to turn to for help. This is the only book devoted exclusively to this long-established but recently growing threat. It includes all the currently known information about these attacks and significant insight from its contributing team of SQL injection experts.
- What is SQL injection? Understand what it is and how it works
- Find, confirm, and automate SQL injection discovery
- Discover tips and tricks for finding SQL injection within the code
- Create exploits using SQL injection
- Design to avoid the dangers of these attacks
Top customer reviews
This book will definitely appeal to all audiences interested in the subject from the pro penetration tester, to the novice, IT security student new to the subject, or a database admin that just wants to write more securely.
So if you are debating to find a book about SQLi, look no further and pick this book up.
This book is awesome! Any security researcher, web developer, pen tester, or student should read this! Anybody interested in databases should read this! It has tons of code examples in it - MySQL, Oracle SQL, SQL Server, PostgreSQL, Java, C#, and PHP!
This book covers all sorts of SQL injections. It covers everything from finding the SQL injection to exploiting the database server. Very well written book and easy to understand. You should have some knowledge of programming, especially knowledge of SQL if you want to read this book. You should know at least one programming language in addition to knowing some basic SQL. Ideally, you will know either PHP, Java, or C#. This is not an intro to SQL or intro to programming book. This is not a book on hacking or penetration testing. This is a book on SQL injections and it covers just about anything you can imagine.
SQL injections in stored procedures? Yep. SQL injections to gather more information about the database schema? Yep. SQL injections aimed at accessing the server? Yep!
As I've said, and I repeat, THIS BOOK IS AWESOME! If you've got any interest at all in hacking web applications, you need to master SQL and SQL injections!
This book is twofold: It delivers ways for the professional security consultant to expand the horizon of SQLi and it teaches the methods of prevention for those who defend. There is not a better book written on this subject. His experience incorporated with that of the expertise of peers (a true "who's who" of international application security knowledge) produced material that should be understood by all resources who desire to protect a private or public application infrastructure.
This is a great resource for penetration testers, recreational hackers, and security professionals. I highly recommend it.