SQLInjection
SQL Injection is a web security vulnerability where an attacker inserts malicious SQL statements into an application's input fields, tricking the backend database into executing unintended queries that can expose, modify, or delete data.
12 resources across 3 libraries
Glossary Terms(8)
SQL Injection
SQL Injection is a web security vulnerability where an attacker inserts malicious SQL statements into an application's input fields, tricking the backend datab…
XSS
Cross-Site Scripting (XSS) is a web security vulnerability that lets an attacker inject malicious client-side scripts into pages viewed by other users. When un…
OWASP ZAP
OWASP ZAP (Zed Attack Proxy) is a free, open-source dynamic application security testing (DAST) tool maintained by the OWASP Foundation, used to find security…
Checkmarx
Checkmarx is an application security platform best known for its static application security testing (SAST) engine, which scans source code for vulnerabilities…
SonarQube Security
SonarQube Security refers to the security-focused static analysis capabilities within SonarQube, a widely used code quality platform, which identify security v…
Web Application Firewall (WAF)
A Web Application Firewall (WAF) is a security control that filters, monitors, and blocks HTTP/HTTPS traffic to and from a web application, protecting it from…
Cross-Site Scripting (XSS)
Cross-Site Scripting (XSS) is a web security vulnerability that lets an attacker inject malicious JavaScript into a page viewed by other users, allowing them t…
OWASP Top 10
The OWASP Top 10 is a regularly updated awareness document published by the Open Worldwide Application Security Project that ranks the ten most critical securi…
Study Notes(1)
Interview Questions(3)
What Techniques Prevent SQL Injection?
SQL injection is prevented primarily by using parameterized queries (or prepared statements) so user input is always bound as data and never concatenated into…
What Are Parameterized Queries and Why Do They Matter?
A parameterized query is a SQL statement written with placeholders in place of literal values, where the actual values are supplied separately and bound by the…
What Is SQL Injection and How Do You Prevent It?
SQL injection is a vulnerability where an attacker supplies crafted input that gets concatenated directly into a SQL query string, causing the database to exec…