SQL Injection Strategies
Packt Publishing Limited (Verlag)
978-1-83921-564-3 (ISBN)
Learn to exploit vulnerable database applications using SQL injection tools and techniques, while understanding how to effectively prevent attacks
Key Features
Understand SQL injection and its effects on websites and other systems
Get hands-on with SQL injection using both manual and automated tools
Explore practical tips for various attack and defense strategies relating to SQL injection
Book DescriptionSQL injection (SQLi) is probably the most infamous attack that can be unleashed against applications on the internet. SQL Injection Strategies is an end-to-end guide for beginners looking to learn how to perform SQL injection and test the security of web applications, websites, or databases, using both manual and automated techniques. The book serves as both a theoretical and practical guide to take you through the important aspects of SQL injection, both from an attack and a defense perspective.
You’ll start with a thorough introduction to SQL injection and its impact on websites and systems. Later, the book features steps to configure a virtual environment, so you can try SQL injection techniques safely on your own computer. These tests can be performed not only on web applications but also on web services and mobile applications that can be used for managing IoT environments. Tools such as sqlmap and others are then covered, helping you understand how to use them effectively to perform SQL injection attacks.
By the end of this book, you will be well-versed with SQL injection, from both the attack and defense perspective.
What you will learn
Focus on how to defend against SQL injection attacks
Understand web application security
Get up and running with a variety of SQL injection concepts
Become well-versed with different SQL injection scenarios
Discover SQL injection manual attack techniques
Delve into SQL injection automated techniques
Who this book is forThis book is ideal for penetration testers, ethical hackers, or anyone who wants to learn about SQL injection and the various attack and defense strategies against this web security vulnerability. No prior knowledge of SQL injection is needed to get started with this book.
Ettore Galluccio has 20+ years' experience in secure system design and cyber risk management and possesses wide-ranging expertise in the defense industry, with a focus on leading high-impact cyber transformation and critical infrastructure programs. Ettore has headed up cybersecurity teams for numerous companies, working on a variety of services, including threat management, secure system life cycle design and implementation, and common criteria certification and cybersecurity program management. Ettore has also directed the EY Cybersecurity Master in collaboration with CINI (National Interuniversity Consortium for Computer Science) and holds various international certifications in information security. His true passion is working on ethical hacking and attack models. Edoardo Caselli is a security enthusiast in Rome, Italy. Ever since his childhood, he has always been interested in information security in all of its aspects, ranging from penetration testing to computer forensics. Edoardo works as a security engineer, putting into practice most aspects in the world of information security, both from a technical and a strategic perspective. He is a master's graduate in computer science engineering, with a focus on cybersecurity, and wrote his thesis on representation models for vulnerabilities in computer networks. Edoardo is also a supporter of the Electronic Frontier Foundation, which advocates free speech and civil rights on online platforms and on the internet. Gabriele Lombari is a cybersecurity professional and enthusiast. During his professional career, he has had the opportunity to participate in numerous projects involving different aspects, concerning both strategic and technical issues, with a particular focus on the power and utilities industry. The activities he has made a contribution to have largely involved application security, architecture security, and infrastructure security. He graduated cum laude in computer science. During his free time, he is passionate about technology, photography, and loves to consolidate his knowledge of topics related to security issues.
Table of Contents
Structured Query Language for SQL Injection
Manipulating SQL – Exploiting SQL Injection
Setting Up the Environment
Attacking Web, Mobile, and IoT Applications
Preventing SQL Injection with Defensive Solutions
Putting It All Together
| Erscheinungsdatum | 24.07.2020 |
|---|---|
| Verlagsort | Birmingham |
| Sprache | englisch |
| Maße | 75 x 93 mm |
| Themenwelt | Informatik ► Datenbanken ► SQL Server |
| Informatik ► Netzwerke ► Sicherheit / Firewall | |
| Mathematik / Informatik ► Informatik ► Programmiersprachen / -werkzeuge | |
| ISBN-10 | 1-83921-564-X / 183921564X |
| ISBN-13 | 978-1-83921-564-3 / 9781839215643 |
| Zustand | Neuware |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
