SQL Injection Attacks and Defense Paperback – 12 Jun 2009
"With SQL Injection Attacks and Defense penetration testers now have a resource to fill in the gaps between all of the scattered tutorials on the Internet. Learn to recognize and take advantage of SQL injection flaws of all varieties on all platforms." --Devon Kearns, IS Security Analyst
About the Author
Justin Clarke (CISSP, CISM, CISA, MCSE, CEH) is a cofounder and executive director of Gotham Digital Science, based in the United Kingdom. He has over ten years of experience in testing the security of networks, web applications, and wireless networks for large financial, retail, and technology clients in the United States, the United Kingdom and New Zealand.
Top customer reviews
The best thing to do is just use it for reference, read the chapters that interest you, then the chapters that you require to fill the gaps.
Still a brilliant book and I 100% recommend it to anyone wanting to know about SQLi.
Most helpful customer reviews on Amazon.com
This book will definitely appeal to all audiences interested in the subject from the pro penetration tester, to the novice, IT security student new to the subject, or a database admin that just wants to write more securely.
So if you are debating to find a book about SQLi, look no further and pick this book up.
This book is awesome! Any security researcher, web developer, pen tester, or student should read this! Anybody interested in databases should read this! It has tons of code examples in it - MySQL, Oracle SQL, SQL Server, PostgreSQL, Java, C#, and PHP!
This book covers all sorts of SQL injections. It covers everything from finding the SQL injection to exploiting the database server. Very well written book and easy to understand. You should have some knowledge of programming, especially knowledge of SQL if you want to read this book. You should know at least one programming language in addition to knowing some basic SQL. Ideally, you will know either PHP, Java, or C#. This is not an intro to SQL or intro to programming book. This is not a book on hacking or penetration testing. This is a book on SQL injections and it covers just about anything you can imagine.
SQL injections in stored procedures? Yep. SQL injections to gather more information about the database schema? Yep. SQL injections aimed at accessing the server? Yep!
As I've said, and I repeat, THIS BOOK IS AWESOME! If you've got any interest at all in hacking web applications, you need to master SQL and SQL injections!
This book is twofold: It delivers ways for the professional security consultant to expand the horizon of SQLi and it teaches the methods of prevention for those who defend. There is not a better book written on this subject. His experience incorporated with that of the expertise of peers (a true "who's who" of international application security knowledge) produced material that should be understood by all resources who desire to protect a private or public application infrastructure.