Injection Testing for Business Purposes
by Michael Thumann, Frank Block, Timo Schmid
SQL injection attacks have been well known for a long time and many people think that developers should have fixed these issues years ago, but having conducted web application pentests over a long period, we have a slightly different view. Many SQL injection problems potentially remain undetected due to a lack of proper test methodology, so we would like to share our approach and experience and help others in identifying these issues.

SQL Injection
by Srinivasa Rao
This article gives you a deeper idea of how to hack websites with SQL injection vulnerabilities and how to prevent SQL injection attacks on websites. In it, we will look at manual injection techniques and secure coding practices in order to provide a practical approach to both attacks and countermeasures.

Advanced SQL Injection in the Real World
by Dmitry Evteev
These days, most information security experts are well aware of almost all the classes of typical threats and vulnerabilities of information systems. But so are hackers. This means that the information system properties which an attacker can leverage to harm the system owner's interests have become common knowledge. Fortunately enough, quite a few public resources provide practical techniques for protecting information systems, as well as separate applications. In the field of web application security, the most prominent communities are OWASP and WASC.

SQL Injection: A Case Study
by Stephen C. Bono and Ersin Domangue
SQL injection and associated vulnerabilities are possible due to three common, yet critical design flaws: lack of input sanitization, unnecessary construction of dynamic queries, and failure to adhere to the Principle of Least Privilege. Through our case study, we demonstrate how each of these design flaws can lead to information or system compromise.

Caffe Latte Attack
by David Jardin
By reading this article, you’ll learn:
In order to perform the attack, I assume you already have a running Backtrack distribution.
The author’s aim is to share knowledge with readers in order for them to later protect themselves against such an attack. The author is not legally responsible for what the reader could do with said knowledge.


April 19, 2022
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023