SQL Injection Attacks and Defense

Justin Clarke is an information security consultant. He has over 7 years of security experience in network, web application, source code andwireless testing work for some of the largest organizations in the United States, the United Kingdom and New Zealand. He is active in developing security tools for penetrating webapplications, servers, and wireless networks and as a compulsive tinkerer he can't leave anything alone without at least trying to see how it works. Justin Clarke got his Bachelor's degree in Computer Science from Canterbury University in New Zealand.

Winner of the Best Book Bejtlich Read in 2009 award! "e;SQL injection is probably the number one problem for any server-side application, and this book is unequaled in its coverage."e; Richard Bejtlich, taosecurity.blogspot.com/ SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information to turn to for help. This is the only book devoted exclusively to this long-established but recently growing threat. It includes all the currently known information about these attacks and significant insight from its contributing team of SQL injection experts. What is SQL injection?-Understand what it is and how it works Find, confirm, and automate SQL injection discovery Discover tips and tricks for finding SQL injection within the code Create exploits using SQL injection Design to avoid the dangers of these attacks

Winner of the Best Book Bejtlich Read in 2009 award! "e;SQL injection is probably the number one problem for any server-side application, and this book is unequaled in its coverage."e; Richard Bejtlich, taosecurity.blogspot.com/ SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information to turn to for help. This is the only book devoted exclusively to this long-established but recently growing threat. It includes all the currently known information about these attacks and significant insight from its contributing team of SQL injection experts. What is SQL injection?-Understand what it is and how it works Find, confirm, and automate SQL injection discovery Discover tips and tricks for finding SQL injection within the code Create exploits using SQL injection Design to avoid the dangers of these attacks