Blind SQL injections or "Are your tests good enough"
At present more and more projects are reviewed for safety criteria, but how good are your tests?
In this report I will discuss the detection of the blind SQL injection. In particular, will be considered the following issues:
- Types of vulnerabilities
- Universal detection techniques
- Software methods for detecting these vulnerabilities
Слепые SQL инъекции. Достаточно ли хороши ваши тесты? from Vlad Orlikov on Vimeo.