SQL injection attacks and defense / Justin Clarke, lead author and technical editor ; [contributing authors], Rodrigo Marcos Alvarez ... [et al.]
Tipo de material:
TextoDetalles de publicación: Burlington : Syngress, 2009 Descripción: XIX, 473 p. ; 23 cmISBN: 9781597494243Tema(s): SQL (Lenguaje de programación)Resumen: SQL injection is a technique that exploits security vulnerabilities in a web site by inserting malicious code into the database that runs it. Such attacks can be used to deface or disable public websites, spread viruses and other malware, or steal sensitive information such as credit card numbers, Social Security Numbers, or passwords. Along with cross-site scripting, SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information available for penetration testers, IT security consultants and practitioners, and web/software developers to turn to for help. The only book devoted exclusively to this long-established but recently growing threat, SQL Injection Attacks and Defense is the definitive resource for understanding, finding, exploiting, and defending against this increasingly popular and particularly destructive type of Internet-based attack.SQL injection techniques have been around for over 10 years now, but recent years have seen a dramatic increase in both number of attacks and the extent of damage caused by them. In fact, a sweep of attacks in the second quarter of 2008 alone resulted in over 500,000 exploited web pages, which were compromised to deliver password-stealing malware to users' computers. The tragedy is that these threats can be mitigated, or even prevented, with the proper tools and knowledge, much of which is publicly available but has yet to be collected in one place. This book includes all important public information on the subject and adds significant coverage known only to its contributing team of SQL injection experts. Only book to provide a complete understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures Covers unique, publicly unavailable SQL injection information by technical experts in such areas as Oracle and Microsoft SQL Server. Written by an established expert, author, and speaker in the field, with contributions from a team of equally renowned creators of SQL injection tools, applications, and educational materials
| Tipo de ítem | Biblioteca de origen | Signatura | URL | Estado | Fecha de vencimiento | Código de barras | Reserva de ítems |
|---|---|---|---|---|---|---|---|
| Manuales | 03. BIBLIOTECA INGENIERÍA PUERTO REAL | 681.3.06SQL/CLA/sql (Navegar estantería(Abre debajo)) | Texto completo | Disponible Ubicación en estantería | Bibliomaps® | 3743001253 | ||
| Manuales | 03. BIBLIOTECA INGENIERÍA PUERTO REAL | 681.3.06SQL/CLA/sql (Navegar estantería(Abre debajo)) | Texto completo | Disponible Ubicación en estantería | Bibliomaps® | 3743001315 |
Índice
SQL injection is a technique that exploits security vulnerabilities in a web site by inserting malicious code into the database that runs it. Such attacks can be used to deface or disable public websites, spread viruses and other malware, or steal sensitive information such as credit card numbers, Social Security Numbers, or passwords. Along with cross-site scripting, SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information available for penetration testers, IT security consultants and practitioners, and web/software developers to turn to for help. The only book devoted exclusively to this long-established but recently growing threat, SQL Injection Attacks and Defense is the definitive resource for understanding, finding, exploiting, and defending against this increasingly popular and particularly destructive type of Internet-based attack.SQL injection techniques have been around for over 10 years now, but recent years have seen a dramatic increase in both number of attacks and the extent of damage caused by them. In fact, a sweep of attacks in the second quarter of 2008 alone resulted in over 500,000 exploited web pages, which were compromised to deliver password-stealing malware to users' computers. The tragedy is that these threats can be mitigated, or even prevented, with the proper tools and knowledge, much of which is publicly available but has yet to be collected in one place. This book includes all important public information on the subject and adds significant coverage known only to its contributing team of SQL injection experts. Only book to provide a complete understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures Covers unique, publicly unavailable SQL injection information by technical experts in such areas as Oracle and Microsoft SQL Server. Written by an established expert, author, and speaker in the field, with contributions from a team of equally renowned creators of SQL injection tools, applications, and educational materials
No hay comentarios en este titulo.