Browse by Tags

All Tags » ASP (RSS)
Monday, June 30, 2008 2:21 PM

Automate MSSASI As A Shell Command

I have created an ASP.NET page to automate the Microsoft Source Code Analyzer for SQL Injection command line tool. It would be tedious to craft a command for every page in a large Classic ASP web site. I was unable to scan my entire site until I developed...
Posted by rrobbins | 3 comment(s)
Filed under: , , ,
Wednesday, June 25, 2008 9:34 AM

SQL Injection Security Experiences

Last evening I tried out two of the tools that Joe Stagner wrote about in his blog post Tools to block and eradicate SQL injection . Since I manage a classic ASP web application that was completely lacking in security and potentially vulnerable to these...
Posted by rrobbins | with no comments
Filed under: , , , ,
Friday, May 23, 2008 9:02 AM

SQL Injection Threat On The Rise

I've been following the rise of SQL Injection attacks because I'm busy protecting a vulnerable web application. I'm very critical of the lack of attention this is getting in the developer community. In my opinion, if web developers were really communicating...
Posted by rrobbins | 1 comment(s)
Filed under: , , ,
Wednesday, April 30, 2008 2:46 PM

Massive SQL Injection Attack - Did You Hit The Snooze Alarm On The Wake Up Call?

I've seen very little blogger chatter about the massive SQL injection attack that is making the news even though it is us web developers who are being blamed for it. Even Jeff Atwood has neglected to blog about it and he loves to rant about shoddy coding...
Posted by rrobbins | 2 comment(s)
Filed under: , ,
More Posts