WIIFY
This talk helps you understand how SQL Injection works, how to prevent it, and how to further protect your user data against the most common web application attack.
Key Points
KP1: SQL Injection is a code injection attack that injects and executes malicious SQL code, usually through vulnerable user inputs. Escaping quotes is one of the most basic ways of applying SQL injection.
KP2: Some simple measures can reduce the risk of SQL injection:
Try not to use string concatenation to construct your SQL queries; use parameterised queries instead.
Remember to sanitise, filter and escape your user inputs.
There are tools you can use to scan the code for SQL injection vulnerabilities, such as sqlmap and ZAP.
Impact
Know: What SQL Injection is, and the common ways of applying it and preventing it from occurring.
Believe: SQL Injection can happen to any of our applications, and your application data is at risk if preventive measures are not taken.
Do: Be aware of SQL injection and take precautionary measures.
Use parameterised queries
Sanitise, filter and escape your user inputs
Call to Action
Let's do our part and practise safe SQL: protect your user data against malicious SQL injections.
Slides
SQL-Injection.pptx