Writing Secure Code
| | ||
-
Writing Secure Code, Second Edition by Michael Howard and David C. LeBlanc (Microsoft Press, 2002), Chapter 12, Database Input Issues
-
Sarbanes-Oxley Act of 2002: www.aicpa.org/ info /sarbanes_oxley_summary.htm
-
The Open Web Application Security Project (OWASP): www.owasp.org
-
Advanced SQL Injection In SQL Server Applications by Chris Anley: www.nextgenss.com/papers/advanced_sql_injection.pdf
-
Web Applications and SQL Injection: www.spidynamics.com/whitepapers/ WhitepaperSQLInjection.pdf
-
Detecting SQL Injection in Oracle by Pete Finnigan: www.securityfocus.com/infocus/1714
-
How A Criminal Might Infiltrate Your Network by Jesper Johansson: www.microsoft.com/technet/technetmag/issues/2005/01/AnatomyofaHack/default.aspx
-
SQL Injection Attacks by Example by Stephen J. Friedl: www.unixwiz.net/techtips/ sql-injection .html
-
Oracle 10g SQL Regular Expressions: http://searchoracle.techtarget.com/searchOracle/downloads/10g_sql_regular_expressions.doc
-
Regular Expressions in T-SQL by Cory Koski: http://sqlteam.com/item.asp?ItemID=13947
-
xp_regex: Regular Expressions in SQL Server 2000 by Dan Farino: www.codeproject.com/managedcpp/xpregex.asp
-
SQLRegEx: www.krell-software.com/sqlregex/regex.asp
-
DB2 Bringing the Power of Regular Expression Matching to SQL www-06.ibm.com/developerworks/db2/library/techarticle/0301stolze/0301stolze.html
-
MySQL Regular Expressions: http://dev.mysql.com/doc/mysql/en/Regexp.html
-
Hacme Bank: www.foundstone.com/resources/proddesc/hacmebank.htm