Vous voulez voir cette page en fran�ais ? Cliquez ici.

Quantity:

More Buying Choices

Have one to sell? Sell yours here

SQL Injection Attacks and Defense [Paperback]

Justin Clarke (Author)

List Price:	CDN$ 64.95
Price:	CDN$ 56.67 & this item ships for FREE with Super Saver Shipping. Details
You Save:	CDN$ 8.28 (13%)
	o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o

In Stock.
Ships from and sold by Amazon.ca. Gift-wrap available.

Only 1 left in stock--order soon (more on the way).

Want it delivered Monday, May 28? Choose One-Day Shipping at checkout.

There is a newer edition of this item:

SQL Injection Attacks and Defense
CDN$ 54.20

Available for Pre-order

Frequently Bought Together

Price For All Three: CDN$ 121.86

Show availability and shipping details

Buy the selected items together

This item: SQL Injection Attacks and Defense by Justin Clarke Paperback CDN$ 56.67

In Stock.
Ships from and sold by Amazon.ca.
This item ships for FREE with Super Saver Shipping. Details
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard Paperback CDN$ 37.61

In Stock.
Ships from and sold by Amazon.ca.
This item ships for FREE with Super Saver Shipping. Details
Reversing: Secrets of Reverse Engineering by Eldad Eilam Paperback CDN$ 27.58

In Stock.
Ships from and sold by Amazon.ca.
This item ships for FREE with Super Saver Shipping. Details

Customers Who Bought This Item Also Bought

The Web Application Hacker's Handbook: Fin... by Dafydd Stuttard

CDN$ 37.62
Hacking : The Art of Exploitation, 2nd Edition by Jon Erickson

CDN$ 32.92
Malware Analyst's Cookbook and DVD: Tools and... by Michael Ligh
5.0 out of 5 stars (1)

CDN$ 45.13
Reversing: Secrets of Reverse Engineering by Eldad Eilam
4.8 out of 5 stars (5)

CDN$ 27.58
The Web Application Hacker's Handbook: Dis... by Dafydd Stuttard
4.7 out of 5 stars (3)

CDN$ 37.61
XSS Attacks: Cross Site Scripting Exploits and Defense by Seth Fogie

CDN$ 59.21

Product Details

Paperback: 496 pages
Publisher: Syngress; 1 edition (May 13 2009)
Language: English
ISBN-10: 1597494240
ISBN-13: 978-1597494243
Product Dimensions: 22.6 x 18.8 x 3 cm
Shipping Weight: 953 g
Amazon Bestsellers Rank: #211,204 in Books (See Top 100 in Books)

Would you like to update product info or give feedback on images?

See Complete Table of Contents

Product Description

Review

"With SQL Injection Attacks and Defense penetration testers now have a resource to fill in the gaps between all of the scattered tutorials on the Internet. Learn to recognize and take advantage of SQL injection flaws of all varieties on all platforms."--Devon Kearns, IS Security Analyst

Book Description

Winner of the Best Book Bejtlich Read in 2009 award!

"SQL injection is probably the number one problem for any server-side application, and this book is unequaled in its coverage." Richard Bejtlich, http://taosecurity.blogspot.com/

SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information to turn to for help. This is the only book devoted exclusively to this long-established but recently growing threat. It includes all the currently known information about these attacks and significant insight from its contributing team of SQL injection experts.

What is SQL injection?-Understand what it is and how it works

Find, confirm, and automate SQL injection discovery

Discover tips and tricks for finding SQL injection within the code

Create exploits using SQL injection

Design to avoid the dangers of these attacks

See all Product Description

Inside This Book (Learn More)

Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index

Tag this product

(What's this?)

Think of a tag as a keyword or label you consider is strongly related to this product.
Tags will help all customers organize and find favorite items.

What Other Items Do Customers Buy After Viewing This Item?

The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws by Dafydd Stuttard Paperback

CDN$ 37.62

Hacking : The Art of Exploitation, 2nd Edition by Jon Erickson Paperback

CDN$ 32.92

Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code by Michael Ligh Paperback
5.0 out of 5 stars (1)

CDN$ 45.13

Reversing: Secrets of Reverse Engineering by Eldad Eilam Paperback
4.8 out of 5 stars (5)

CDN$ 27.58

› Explore similar items

Customer Reviews

There are no customer reviews yet on Amazon.ca

5 star:		(0)
4 star:		(0)
3 star:		(0)
2 star:		(0)
1 star:		(0)

Share your experience with this product with others

Create your own review

Most Helpful Customer Reviews on Amazon.com ^(beta)

Amazon.com: 4.8 out of 5 stars (12 customer reviews)

12 of 12 people found the following review helpful

5.0 out of 5 stars Finally, the "Bible" for SQL Injection, May 27 2009

By Mike - Published on Amazon.com

This review is from: SQL Injection Attacks and Defense (Paperback)

I'm giving "SQL Injection Attacks and Defenses" five stars for a few reasons.

First, the book is extremely comprehensive, covering everything from basic "What is SQL Injection?" information to advanced exploit development and static analysis tools (including open source tools).

Second, this book was obviously written very recently. The content is fresh and cutting-edge.

Finally, the book is advanced. Though the reader doesn't necessarily need to know much about SQL Injection in order to start reading it, the book covers as much as anyone would need to know about the subject.

SQL Injection Attacks and Defenses is a well written, comprehensive book that can be extremely useful to security professionals, developers, and database administrators interested in writing or maintaining secure code. It could easily be called the "bible" of SQL Injection.

6 of 6 people found the following review helpful

5.0 out of 5 stars Another serious contender for Best Book Bejtlich Read 2009, Oct 24 2009

By Richard Bejtlich "TaoSecurity" - Published on Amazon.com

This review is from: SQL Injection Attacks and Defense (Paperback)

I just finished reviewing The Web Application Hacker's Handbook, calling it a "Serious candidate for Best Book Bejtlich Read
2009." SQL Injection Attacks and Defense (SIAAD) is another serious contender for BBBR09. In fact, I recommend reading TWAHH first because it is a more comprehensive overview of Web application security. Next, read SIAAD as the definitive treatise on SQL injection. Syngress does not have a good track record when it comes to books with multiple authors -- SIAAD has ten! -- but SIAAD is clearly a winner.

SIAAD is very detailed, with code samples to demonstrate the author's attack patterns. They cover multiple programming languages, multiple databases, and flood the book with examples. It's clear the authors utilize these methods for their daily work. Just about every situation is addressed, like returning database query results using DNS, HTTP, database connections, and even email. I admit I laughed when reading that chapter 7 offered "advanced topics." I thought the first 6 chapters were advanced enough, given the depth of the material!

I had no real issues with this book, but it's important to realize you won't read about attacks against PostgreSQL, for example. Other reviewers noted this as well. However, the authors do concentrate on the methodology and offensive mindset needed to attack any SQL database. I believe dedicated readers could apply the lessons of SIAAD to products beyond MS-SQL, Oracle, and MySQL.

Great work -- this is the sort of "niche book" that should be referenced by anyone else who wants to cover Web-related attacks.

4 of 4 people found the following review helpful

5.0 out of 5 stars Tour de Force Coverage of SQL Injection Issues, July 24 2009

By Data Guy - Published on Amazon.com

This review is from: SQL Injection Attacks and Defense (Paperback)

This is a book that I can heartily endorse. My bailiwick, and probably yours too if you are looking here, is data management and database administration. And if you function within that realm, you should be familiar with SQL injection attacks and how to defend them. Not surprisingly, given its title, that is just what this book provides.

SQL injection is quite dangerous, and yet is commonly misunderstood by many. This book, which is devoted exclusively to the SQL injection threat and how to defend against it, provides the knowledge and tactics you will need to understand and combat SQL injection attacks.

From the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures, the book is a SQL injection tour de force. The book is up-to-date and covers unique, publicly unavailable information. One quick example of a a major benefit of this book: you can make the code level and platform level defenses offered in Chapters 8 and 9 can available to the developers and system administrators responsible for Internet development at your shop... which should minimize the risk of SQL injection attacks.

If you are a DBA, programmer, or system analyst involved in writing Internet applications using database systems, then you owe it to yourself to buy and read SQL Injection Attacks and Defense. It just may save your data!

› Go to Amazon.com to see all 12 reviews 4.8 out of 5 stars

Listmania!

Create a Listmania! list

Look for similar items by category

Look for similar items by subject

Feedback

Would you like to update product info or give feedback on images?

Amazon.ca Privacy Statement

Amazon.ca Shipping Information

Amazon.ca Returns & Exchanges

Get to Know Us

Make Money with Us

Let Us Help You

Conditions of Use | Privacy Notice | Interest-Based Ads � 2008-2012, Amazon.com, Inc. or its affiliates