SQL Injection Prevention

Prophaze WAF deployed wide range of methods into its core algorithm to block generic and advanced SQL injection attacks where not-sanitised user inputs is used to inject SQL commands which can disclose system Information and data leakage . The most common sql injection methods blocked are .

  • SQL comment sequence

  • SQL hex sequence

  • SQL String Termination

  • SQL Operators Blocking

  • Blocks SQL Tautologies

  • Blocks Common Database Names

  • Blind SQL injection Blocking

  • Injection Character anomaly blocking

  • Injection Payload Blocking

  • MSSQL specific signatures

  • SQL Integer overflow

  • SQL sleep command exploit

  • Prevents conditional SQL injection

  • MySQL character switch injection

  • SQL Authentication Bypass

  • pg_sleep injection

  • Chained SQL Injection

  • Stored procedure Injection

  • UDF Injection using data structure manipulation

  • Concatenated SQL Injection

Last updated