MVC

Don’t you dare to inject SQL !

Well, it’s just another post discussing sql injection but from defensive perspective. We all know how dangerous sql injection can be, so how do we prevent it from happening ? There are multiple ways:- 1- Whitelisting 2- Stored Procedure (Not So Safe which we will look into in another post) 3- Prepared Statements / Paramterized …

Don’t you dare to inject SQL ! Read More »

Prevent Command Injection In MVC .NET

Hacking & Security / By Owais Mehtab

Hi folks, i have recently started to look into vulnerabilities from development aspect and it’s quite interesting to write a vulnerable code and then fix it. In this post we are going to look at a simple command injection vulnerability and how to fix it. Before we start i would like to mention my test …

Prevent Command Injection In MVC .NET Read More »