Welcome to The Professional Security Testers Warehouse for the GPEN GSEC GCIH GREM CEH QISP Q/ISP OPST CPTS
Search
Nickname Password Security Code Security Code Type Security Code  
The best CEH V6 learning package
You are certified but are your qualified? Become qualified today.

Video Library

Skimming for ID theft
5 / 2
Views: 179
Comments: 1
11-01-2008 00:18

Latest version of ATM skimmer hidden behind a speaker looking device
5 / 2
Views: 193
Comments: 0
11-01-2008 00:11

ATM Scam, do check your ATM machine before using it
5 / 1
Views: 180
Comments: 1
10-31-2008 23:59

CyberSecurity NBISE

Forums Posts

Methodologies

Recommended PodCasts

Recommended Sites

Security Blogs

Security Forums

Best Downloads

Best Web Links

Survey

Whic of the following certifications would you like to get?

GPEN
GCIH
CEH
QEH
GREM
GSEC
CISSP
Security+
Other (please leave a comment)



Results
Polls

Votes: 217
Comments: 0

Who's Online

There are currently, 104 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here

SQL Injection and Parameter Manipulation Video Clips
Posted on Wednesday, 03 March 2010 @ 10:13:58 EST
Contributed by cdupuis | Topic: SQL Security

NOTE FROM CLEMENT:
These two videos are very nice videos that demonstrate in simple terms what SQL Injections are and also what is Parameter Tampering.  It is not for the purpose to learn everything there is to know about the subject,  that would take weeks,  the goal is to educate people and developers on the issue.   They are great because of their short length and I like the animations as well.   One picture is worth a thousand words they say.  In this case on minute of video clip is worth 10 minutes of talks.    I will most certainly use them in some of my classes.  Job well done.   Clement

One of the biggest challenges of the security community is to build true SDLC (Secure development Life Cycle).

The biggest obstacle is that application developers at large lack the know-how and motivation to address application risk. 

At Checkmarx labs we thought that a new approach to application developers might help them cross the barrier.
We have developed as a pilot including two short animated clips that should help developers understand security flaws, how they can be detected and consequently prevented.

We built one clip for SQL Injection and another for Parameter Tampering - limited up to 5 minutes each.

We would appreciate feedback from the OWASP community whether the effort is meaningful and should it be extended.

Please feel free to use the clips freely.

The clips can be found at:

SQL Injection : http://www.youtube.com/watch?v=vjDrseRLyuA&hd=1

Parameter Tampering: http://www.youtube.com/watch?v=l5LCDEDn7FY&hd=1

Yours,

Maty Siman, CISSP
CTO
Checkmarx

Login

Nickname

Password

Security Code:
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Related Links

· More about SQL Security
· News by cdupuis
Most read story about SQL Security:
Deep Blind SQL Injection

Article Rating

Average Score: 0
Votes: 0

Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad

Options

"SQL Injection and Parameter Manipulation Video Clips" | Login/Create an Account | 0 comments
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

You can syndicate our news using the file backend.php or ultramode.txt


All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2003-2008 by Clement Dupuis and Nathalie Lambert (Site Maintainers).

 


 

 


Page Generation: 0.16 Seconds