Thursday, June 18, 2009
How to check web applications for SQL injection vulnerabilities
In a previous post, we linked to an article which gave an in-depth explanation of SQL injection vulnerabilities, and what impact such vulnerabilities can have on your web application. Now, that you know what they are and what their impact could be, how can you find out if your website is vulnerable to SQL injection attacks?
Checking for SQL Injection vulnerabilities involves auditing your website and web applications. Manual vulnerability auditing is complex and very time-consuming. It also demands a high-level of expertise and the ability to keep track of considerable volumes of code and of all the latest tricks of the hacker’s ‘trade’.
Click here to read why an automated heuristic web vulnerability scanner such as Acunetix WVS, is a better solution than a signature-matching solution for detecting SQL injection vulnerabilities on your website or web application.
Source Acunetix Blog