I have created an ASP.NET page to automate the Microsoft Source Code Analyzer for SQL Injection command line tool. It would be tedious to craft a command for every page in a large Classic ASP web site. I was unable to scan my entire site until I developed...
Last evening I tried out two of the tools that Joe Stagner wrote about in his blog post Tools to block and eradicate SQL injection . Since I manage a classic ASP web application that was completely lacking in security and potentially vulnerable to these...
I've been following the rise of SQL Injection attacks because I'm busy protecting a vulnerable web application. I'm very critical of the lack of attention this is getting in the developer community. In my opinion, if web developers were really communicating...