🍋
peasy / audio
Menu
Semua Alat Panduan 30 Glosarium 44 Format File 131 Studi Kasus 302 API

Categories

P pdf I image D document T text D developer C css D design V video A audio Q qr S seo S security S social M math G generator
🍋 peasytools.com
Security

SQL Injection

SQL Injection Attack

Inserting malicious SQL code into application queries to access, modify, or delete database data.

Detail Teknis

SQL Injection occurs when user input is concatenated directly into SQL queries. Example: ' OR 1=1 -- turns a login query into 'SELECT * FROM users WHERE password = '' OR 1=1'. The primary defense is parameterized queries (prepared statements) where the database engine separates SQL logic from data values. ORM frameworks (Django ORM, SQLAlchemy, Prisma) generate parameterized queries automatically. Additional defenses: least-privilege database accounts, input validation, and WAF (Web Application Firewall) rules.

Contoh

```javascript
// SQL Injection — Web Crypto API example
const data = new TextEncoder().encode('sensitive data');
const hash = await crypto.subtle.digest('SHA-256', data);
const hex = Array.from(new Uint8Array(hash))
  .map(b => b.toString(16).padStart(2, '0')).join('');
```

Format Terkait

.sql

Alat Terkait

G Generator Kata Sandi P Pemeriksa Kekuatan Kata Sandi G Generator Hash G Generator HMAC E Enkripsi / Dekripsi AES G Generator String Acak G Generator Header CSP P Peredaksi Teks G Generator Header CORS G Generator Hash SRI B Base64 Encoder / Decoder J JWT Decoder U UUID Generator T TOTP Configurator P Pemformat SQL S SSL Certificate Decoder

Istilah Terkait

AES Checksum Command Injection Certificate Pinning Argon2 CORS Misconfiguration SQL 2FA Clickjacking