Second-order SQL injection
SQL second-order works differently; one page in the web application takes the malicious user input and some other function on some other page or some other application retrieves this malicious content and parses it as a part of the query. Automated scanners are unable to detect such issues. However, Burp has an implemented logic that helps an attacker find out SQL second-order vulnerabilities.
推薦閱讀
- 白話網(wǎng)絡(luò)安全2:網(wǎng)安戰(zhàn)略篇
- Kali Linux Social Engineering
- 零信任網(wǎng)絡(luò):在不可信網(wǎng)絡(luò)中構(gòu)建安全系統(tǒng)
- 工業(yè)控制網(wǎng)絡(luò)安全技術(shù)
- Applied Network Security
- Learning Devise for Rails
- ARM匯編與逆向工程:藍(lán)狐卷·基礎(chǔ)知識(shí)
- 黑客攻防與網(wǎng)絡(luò)安全從新手到高手(絕招篇)
- Building a Home Security System with BeagleBone
- 軟件安全保障體系架構(gòu)
- 信息安全導(dǎo)論(第2版)
- Bug Bounty Hunting Essentials
- 網(wǎng)絡(luò)空間安全體系
- 互聯(lián)網(wǎng)域名國(guó)際化與安全技術(shù)導(dǎo)論
- Web安全之機(jī)器學(xué)習(xí)入門(mén)