Dark Reading

WAFs And SQL Injection

The ModSecurity site is putting on the SQL Injection Challenge. Contestants are attempting to find successful SQL injection attacks against target applications. The four sample applications are from ...
CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...