TALK: How to lose your database and your job
This is a talk geared towards developers who have heard of SQL injection but haven’t seen it in action, or are unsure what to do about it. It contains demos of what SQL injection looks like and shows why escaping quotes is nowhere near sufficient.
Download the slides & speaker notes: https://mega.nz/#!s9IxGCoa!xvtlAeHMBB6qQ-DFhiOtgvZm0_CCYu8H5NDhPlPs5P0
VM for testing commands: https://sourceforge.net/projects/owaspbwa/files/