Solved

tool for sql injection

Posted on 2013-02-04
3
208 Views
Last Modified: 2013-02-28
My security report came back saying that 1 of my pages could be attacked by SQL injection. Is there a good test tool, for free if possible?
Question by:Wigging
3 Comments
 
LVL 22

Assisted Solution

by:plusone3055
plusone3055 earned 150 total points
ID: 38851164
0
 
LVL 9

Accepted Solution

by:
WebDevEM earned 200 total points
ID: 38851183
Hi Wigging,

You'd be amazed how often that happens and people don't know it until after they're hacked into... Most times it turns out to be something simple like executing a query based on text that either the user has entered or can be modified between the user and the page that will execute it.  

I used a tool called "Burp" to test a site a while back that my client had found vulnerabilities in.  There is a paid version which will actively search for issues, but the free version worked well for me when I knew what pages to focus on.  It's been a few years since I used it though, so I'm afraid I won't be able to offer any specific advice in the tool.

I hope this helps,

WebDevEM
0
 
LVL 83

Assisted Solution

by:CodeCruiser
CodeCruiser earned 150 total points
ID: 38854454
You can make sure you do not use concatenation with your SQL queries and you will stop SQL injection.
0


Question has a verified solution.
