Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

IIS 6 SQL Injection Prevention ISAPI (GNU License)

from [Rodney Viana (Plenux)] Network Security [Permanent Link]
Subject: IIS 6 SQL Injection Prevention ISAPI (GNU License)
Date: Wed, 13 Feb 2008 08:53:32 -0600 
Hi All,

IIS 6 SQL Injection Prevention ISAPI (GNU License):
http://www.codeplex.com/IIS6SQLInjection


I created an ISAPI dll application to prevent SQL Injection attempts by
intercepting the HTTP requests and sanitizing both GET and POST variables
(or any combination of both) before the request reaches the intended code.
This is especially useful for legacy applications not designed to deal with
MS SQL Server Injection attempts. Though this application was designed with
MS SQL Server in mind, it can be used with no or minimal changes with other
database engines.

This ISAPI is only compatible with Internet Information Server (IIS) 6.0
which comes with Windows 2003. Windows XP uses IIS 5 engine which DOES NOT
support ISAPI Wildcard. The source code is included.

Cheers,

Rodney Viana, PMP
MCSE+I MCDBA MCT MCTS MOSS, SQL


-------------------------------------------------------------------------
Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • IIS 6 SQL Injection Prevention ISAPI (GNU License), Rodney Viana (Plenux) <=
Previous by Date:  Thanks to all, ExploitSearch in Top5 security must-have, Security Basic
Next by Date:  Certification for Web Application Security Professionals, Anurag Agarwal
Previous by Thread:  Thanks to all, ExploitSearch in Top5 security must-have, Security Basic
Next by Thread:  Certification for Web Application Security Professionals, Anurag Agarwal
Indexes:  [Date] [Thread] [Top] [All Lists]