Articles Tagged with "SQL Injection"


From the Web

SQL Injection, eye of the storm

June 23, 2009 from: Jeremiah Grossman's Blog

In 2008 SQL Injection became the leading method of malware distribution, infecting millions of Web pages and foisting browser-based exploits upon unsuspecting visitors. The ramifications to online businesses include data loss, PCI fines, d...



From the Web

CWE Top 25 Breakdown - Part 2 of 4

June 07, 2009 from: hackyourself.net

Last week we introduced the CWE Top 25 Most Dangerous Programming Errors in Part 1 of a 4 part series. This week we will discuss the first nine, which have been categorized in a group called “Insecure Interaction Between Components”. Being the first nine, they are also the top 9, or the top most prevalent errors on the list. As me...



From the Web

Top 5 SQL Injection Tools

June 01, 2009 from: hackyourself.net

This is a list of the Top 5 FREE SQL Injection tools currently available. Although there is already a list of the Top 15 Free SQL Injection Scanners, not all of them deserve the honors of the best general-purpose tools.



From the Web

Should I be worried about my web applications?

June 01, 2009 from: hackyourself.net

An interesting article published earlier this week on Information Week’s website here called “Web Applications: Achilles’ Heel Of Corporate Security” discusses the tremendous rise in web-application breaches and attacks th...



From the Web

Using XSS to Launch a SQL Injection Attack

June 01, 2009 from: hackyourself.net

Several weeks ago I stumbled on a client’s e-commerce site that had (what appeared to be) a non-vulnerable SQL Injection pathway on a search form. I used the standard calls to determine if it was vulnerable, determined (or so I thought) that it wasn’t and moved on to test for XSS.
