Tutorial Home

Audience and Prerequisites

Using this Tutorial

1. SQL Injection Overview

2. Reducing the Attack Surface

3. Avoiding Dynamic SQL

4. Using Bind Arguments

5. Filtering Input with DBMS_ASSERT

6. Designing Code Immune to SQL Injections

7. Testing Code for SQL Injection Flaws

Summary