Ask HN: Testing you own sites for SQL Injection and XSS

1 points by mootothemax ↗ HN
Hi everyone,

I'm getting a bit paranoid about some of my web apps being open to SQL injection and XSS. I'm using http://htmlpurifier.org/ to scrub inputs where necessary, but when it comes to SQL injection, I only know the absolute basics.

Do you test you apps using any tools? If so, which ones?

Likewise, what SQL injection tests do you run to make sure that you're not open to - at best - any of the more common attacks?

Thanks, Tom.

1 comment

[ 4.4 ms ] story [ 16.4 ms ] thread