File:Sutton - Revisiting SQL Injection.pdf

Michael Sutton's presentation to the Denver and Boulder OWASP Chapters in Feb 2008. Includes a discussion of SQL injection to tamper with data, specific recommendations regarding Input Validation (Data Validation), using Firebug and a local proxy (such as WebScarab) to do injection attacks against AJAX, and the results of the Fuggle project.