• Home
  • Introduction
    • What Is SQL Injection
    • SQL Injection Risks
  • Attacks
    • Basics
    • Test
      • SQL Injection Detection
      • Identify Data Entries
      • Determining Query Structure
      • Anomalies
    • Techniques
    • Extract Information
    • Blind
  • Advanced
    • Stored Procedures Attacks
    • SQL Injection Tools
    • Uncategorized Notes
  • Defense
    • Code Level Defense
  • Resources
    • Simulation Environment
  • About
    • About Us
    • Contact Us
Logo SQL Injection

  • GET THE BOOK!

  • Recent Articles

    • Time-Based Blind SQL Injection using Heavy Query
    • Estimating MySQL Table Size using SQL Injection
    • Time-Based Blind SQL Injection Attacks
    • Analysing Server Response and Page Source
    • Database Fingerprinting for SQL Injection

Archive of Defense Dynamic Cursors Execute sp_executesql Stored Procedure

Prevent SQL injection.

  • Secure Stored Procedure

    Secure Stored Procedure

    Posted in Stored Procedures Defense

    Prevent SQL injection attacks against stored procedures. As explained in the article about SQL injection attacks against stored procedures, it is possible to create procedures vulnerable to SQLIA. This article details how you can secure your code against SQL injections. As recommended in...

    Continue reading this entry →
  • Secure PL/SQL

    Secure PL/SQL

    Posted in Stored Procedures Defense

    Prevent SQL injection attacks against PL/SQL. As explained in the article about SQL injection attacks against PL/SQL, it is possible to create procedures vulnerable to SQLIA. This article details how you can secure PL/SQL code against SQL injections by making only...

    Continue reading this entry →
  • mysql_real_escape_string SQL injection

    mysql_real_escape_string SQL injection

    Posted in PHP

    Understanding how to safely use mysql_real_escape_string function. PHP provides mysql_real_escape_string() to escape special characters in a string before sending a query to MySQL. This function was adopted by many to escape single quotes in strings and by the same occasion prevent SQL injection attacks. However, it can create...

    Continue reading this entry →
  • SQL Injection Risks

    SQL Injection Risks

    Posted in SQL Injection Introduction

    Security impact of SQL injection and risk associated to vulnerable systems. Understanding the risks of SQL injections is non negligible for anyone who might be concerned by this security issue. Whether you are a business decision maker, a developer or a system administrator, you need to be aware of the possible...

    Continue reading this entry →

  • About

    Sqlinjection.net was developed to provide information about SQL injection to students, IT professionals and computer security enthusiasts. It intends to be a reference about this security flaw.

    Read more

  • Main Sections

    • Introduction to SQL Injection
    • SQL injection Tutorial
    • Advanced SQL Injection
    • Securing Against SQL Injection
    • Resources for SQL Injection

  • Disclamer

    This website and/or it's owner is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to sqlinjection.net.
  • Sqlinjection.net Logo
Copyright 2020 SQLINJECTION.NET - All rights reserved. Copyright  ·  Disclaimer  ·  Terms of Use  ·  Privacy Policy  ·  Back to Top ↑