from Hacker News

SQL injection in one minute

by detectify on 9/22/12, 7:24 PM with 2 comments

A short 101 tutorial on how SQL-injections work
  • by dguido on 9/22/12, 8:14 PM

    How many times do people need to talk about SQL injection before people writing web apps get it? This isn't news and this isn't hard to completely avoid. Just do it and stop being amazed every time someone puts a tick mark in a URL parameter (or any parameter for that matter).

    EDIT: I looked around this detectify website and found this gem: http://blog.detectify.com/post/22258359654/zerg-rush-how-to-...

    "326 exploits found"

    I have so much faith that this company will do well. If you're interested in others like it that might fare better, you can try WhiteHat Security or Tinfoil Security, both of which do web security scanning as a service.

    https://www.whitehatsec.com/

    https://www.tinfoilsecurity.com/