sqlinjectionlab | Channel 9

Sign In

Subscribe Follow Us On Twitter

Return to HomePage

SQL Injection Lab Modules

The SQL injection lab modules show you how to protect from SQL injection.

Contents

* Objectives
* Video
* Lab
* Recommended Guidance
* Feedback

Objectives

* Exploit a SQL injection vulnerability.
* Defend against SQL injection by filtering and sandboxing input with a parameterized query.

Video

The video is a small wmv file download:
* Video Demonstration: SQL Injection

Lab

The lab is small zip that you need to extract to see the example code:
* Lab Project Files SQLInjectionLab.zip

Recommended Guidance

* How To: Protect From SQL Injection in ASP.NET
* How To: Protect From Injection Attacks in ASP.NET
* How To: Use Regular Expressions to Constrain Input in ASP.NET
* Security Guidelines: ADO.NET 2.0 (See "Input and Data Validation" section)
* Security Guidelines: ADO.NET 2.0 (See "SQL Injection" section)
* Design Guidelines for Secure Web Applications (See "Input Validation" section)
* Architecture and Design Review for Security (See "Input Validation" section)
* Security Guidelines: ASP.NET 2.0 (See "Input and Data Validation" section)

Feedback

* Send mail to labmods at microsoft.com

Return to HomePage

- History
  
  Modified By: Korayem
  
  Aug 26th, 2008 @ 10:16 AM
  
  Views (1,190)
- Share
  - Del.icio.us
  - Digg
  - FriendFeed
  - Facebook
Markup Quick Guide

*bold*

_italics_

+underline+

! Heading 1

!! Heading 2

* Bullet List

** Bullet List 2

# Number List

## Number List 2

[another wiki page]

[url:http://www.example.com]

[image:example.gif]

{"Do not apply formatting"}

Silverlight: Silverlight Test Driven Development – Part II
WindowsClient: Battery notification messages in Windows 7
Silverlight: The Weekly Source Code 49 - SmallBasic is Fun, Simple, Powerful Programming for Kids and Adults
WindowsClient: 24 Hour 50% off Deal on my Upcoming Manning Book: Silverlight in Action, Revised Edition
Channel 9: C9 Conversations: Yuri Gurevich - Abstraction, Algorithms and Mathematical Logic
TechNet Edge: February 2010 Security Bulletin Overview
Channel 9: PhizzPop Develop & Design Challenge
Silverlight: Quick FAQ on Visual Studio 2010 RC release (February 2010) and Silverlight development
Channel 10: 5 Bing Map Apps for the Winter Olympics
TechNet Edge: TechNet Radio: Visio 2010: Visio Services
WindowsClient: Tip: New .NET 4 String Function to Check for Empty Strings
WindowsClient: Microsoft announces commercial availability of Surface in Australia
WindowsClient: SmallestDotNet Update - Now with .NET 4 support and an includable JavaScript API
Silverlight: Answering A C# Question
Channel 9: Jason Zander: Visual Studio 2010 Release Candidate Released
Channel 9: Help Desk Episode 1 with Chris Pirillo (Pilot) - Show Notes
Mix Online: Design for tables
Channel 10: Bing and Winter Olympics
Channel 10: Use Your Zune Remote to Control Windows Media Center
WindowsClient: Query Continuations for nested collections in Data Services
close

Microsoft Communities