You can't secure what you don't acknowledge.SM

Sunday, February 12, 2012

SQL injection cheatsheet & tips for getting management on board

Here's a neat "cheatsheet" on SQL injection by NTObjectives that outlines some common attack strings, commands and so forth. Their SQL Invader SQL injection tool is worth checking out as well.

If you're having trouble selling management on the dangers of SQL injection, check out this piece I wrote about it not long ago:
SQL Injection – The Web Flaw That Keeps on Giving

Ten Ways to Sell Security to Management

Happy hacking!

No comments:

Post a Comment