sqlinjectionlab | Channel 9

Sign In | Sign In (No Live ID)

Subscribe

Return to HomePage

SQL Injection Lab Modules

The SQL injection lab modules show you how to protect from SQL injection.

Contents

* Objectives
* Video
* Lab
* Recommended Guidance
* Feedback

Objectives

* Exploit a SQL injection vulnerability.
* Defend against SQL injection by filtering and sandboxing input with a parameterized query.

Video

The video is a small wmv file download:
* Video Demonstration: SQL Injection

Lab

The lab is small zip that you need to extract to see the example code:
* Lab Project Files SQLInjectionLab.zip

Recommended Guidance

* How To: Protect From SQL Injection in ASP.NET
* How To: Protect From Injection Attacks in ASP.NET
* How To: Use Regular Expressions to Constrain Input in ASP.NET
* Security Guidelines: ADO.NET 2.0 (See "Input and Data Validation" section)
* Security Guidelines: ADO.NET 2.0 (See "SQL Injection" section)
* Design Guidelines for Secure Web Applications (See "Input Validation" section)
* Architecture and Design Review for Security (See "Input Validation" section)
* Security Guidelines: ASP.NET 2.0 (See "Input and Data Validation" section)

Feedback

* Send mail to labmods at microsoft.com

Return to HomePage

- History
  
  Modified By: Korayem
  
  Aug 26th, 2008 @ 10:16 AM
  
  Views (891)
- Share
  - Del.icio.us
  - Digg
  - FriendFeed
  - Facebook
Markup Quick Guide

*bold*

_italics_

+underline+

! Heading 1

!! Heading 2

* Bullet List

** Bullet List 2

# Number List

## Number List 2

[another wiki page]

[url:http://www.example.com]

[image:example.gif]

{"Do not apply formatting"}

Channel 9

Channel 9: This Week C9: Speech Recognition, Army of 1, TweetCraft and more

WindowsClient

WindowsClient: Can anyone be a DJ?

WindowsClient

WindowsClient: RenderTargetBitmap tips

TechNet Edge

TechNet Edge: Tools to plan and deploy Windows 7 or Server 2008 R2

IIS.NET

IIS.NET: Getting both FastCGI module and AppPool CPULimit to work

WindowsClient

WindowsClient: Microsoft Worldwide Partner Conference

WindowsClient

WindowsClient: Lonely Planet POC on Microsoft Surface

Channel 10

Channel 10: Deep Zoom into MJ’s Life in Pictures

Channel 10

Channel 10: Bing Gets All Twittery

Channel 10

Channel 10: Follow @Microsoft on Twitter (...and All the Rest!)

Channel 9

Channel 9: TweetCraft - A World of Warcraft Twitter Client

Channel 10

Channel 10: TweetCraft: Tweet From World of Warcraft

Channel 9

Channel 9: Microsoft Security Development Lifecycle Templates

WindowsClient

WindowsClient: Hanselminutes Podcast 168 - Successful Cross Platform .NET Development - Mono and Banshee with Aaron Bockover

Channel 10

Channel 10: More Details on Gazelle, Microsoft Research's "Browser OS"

Channel 10

Channel 10: Now You Can Get All Your Mail in Hotmail

TechNet Edge

TechNet Edge: Screencast (Part 1 of 4): Master Your Environment with System Center Configuration Manager 2007

WindowsClient

WindowsClient: JUST RELEASED: p&p Acceptance Test Engineering Guide, Volume I - beta2

TechNet Edge

TechNet Edge: Exchange 2010 Rights Management and Transports

Channel 9

Channel 9: Expert to Expert: Harry Shum - General Purpose Search, Decision Engines and Bing

Microsoft Communities