Discover and read the best of Twitter Threads about #sqli

Most recents (2)

#favicons are #SVG with #XML payloads easily injected by malicious programs. #KHTML has been around for a very long time and this methodology of obfuscation has been in development since #NetscapeNavigator
What's a #favicon?
😉😄😆😅😌🥰😀😅😌🥰 lol dunno, sry bruh
Right, #sqli or #sqlinjection.

Let's talk about it a little.

The concept is simple. Your code allows someone to place additional SQL commands in it. That "injected" code enables data access and/or system hacking (depending on the security in place).
The problem, and the solution, has been well defined since 1998.

Simply put:
Parameterize the query
Escape the input
Have proper security in place
Use correct data types

In a nutshell. There's a ton more details, but that covers the basics.
If you want a more thorough overview of what #SQLi consists of and you don't feel real nerdy at the moment, start with Wikipedia. They have it covered: en.wikipedia.org/wiki/SQL_injec…
