|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: zeno (bugtraq
cgisecurity.net)Date: Tue Apr 09 2002 - 10:39:22 CDT
>
> Chip Andrews and Beth Breidenbach mentioned some great points and issues
> regarding SQL Injection. Before I forget, here are also some useful free
> resources that detail very specific methods for performing SQL Injection
> testing on web applications. They are also listed on the OWASP web site
> (http://www.owasp.org/whitepapers/):
>
> http://www.spidynamics.com/papers/SQLInjectionWhitePaper.pdf
> http://www.nextgenss.com/papers/advanced_sql_injection.pdf
> http://www.sqlsecurity.com/faq-inj.asp
>
> If anyone knows of other good resources please share.
>
http://www.cgisecurity.com/lib/sql-insertion.txt
It was written by sensepost.com and i forget where I even got it from.
Seems to be slightly different from their copy http://www.sensepost.com/misc/SQLinsertion.htm
- zenocgisecurity.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]