This is regarding security of a Database ...How can i test the security of a DB written using Stored Procedures.... 1.Can I do SQl Injection attacks..If not what else are the methods
Security testing can be performed in many ways. It can performed specified areas
1. Black-Box Level 2. White-Box Level and finally at 3. Database Level.
For each of these there incudes different types of methods and based on these we can follow them. But all these methods can be used manually to test your application in above specified areas. We also require certian tools for few of the methods
Here are the list of security testing methods and techniques used in 3 areas
Functionality Testing a. Session Hijacking b. Session Prediction c. E-mail Spoofing d. Content Spoofing e. Phishing f. Password Cracking g. Active Program Scripting Exploits
White-Box Testing a. Malicious Code Injection b. Penetration testing c. Input Validation d. Variable Manipulation
Database Testing (Stored procedures can be testing by SQL Injection and variable manipulation techniques you can fine more info on net) a. SQL injection b. Blind SQL Injection(Part of SQL Injection) c. Input Validation
Atlast at website/webapplication level a. Cross-site scripting b. SSI Injection c. IP Spoofing
Hope this gives idea on what is security testing and in which all areas we carry out testing with what all methods and techniques
For any more clarifications you can write at idreams27@yahoo.com
Thanks Narasimha
Above answer was rated as good by the following members: ramgupta
RE: This is regarding security of a Database ...How ca...
hi
Security testing is very critical these testing was performed by seperate team.for these security testing these people r using separate tools.by using stored procedures also we can perform the testing but we hav knoledge on database.Security testing performs penetration testing which is very tough.
By using queries also we can test the database but it requries more exposure on writing the database queries.
RE: This is regarding security of a Database ...How ca...
Hi
Security testing can be performed in many ways. It can performed specified areas
1. Black-Box Level 2. White-Box Level and finally at 3. Database Level.
For each of these there incudes different types of methods and based on these we can follow them. But all these methods can be used manually to test your application in above specified areas. We also require certian tools for few of the methods
Here are the list of security testing methods and techniques used in 3 areas
Functionality Testing a. Session Hijacking b. Session Prediction c. E-mail Spoofing d. Content Spoofing e. Phishing f. Password Cracking g. Active Program Scripting Exploits
White-Box Testing a. Malicious Code Injection b. Penetration testing c. Input Validation d. Variable Manipulation
Database Testing (Stored procedures can be testing by SQL Injection and variable manipulation techniques you can fine more info on net) a. SQL injection b. Blind SQL Injection(Part of SQL Injection) c. Input Validation
Atlast at website/webapplication level a. Cross-site scripting b. SSI Injection c. IP Spoofing
Hope this gives idea on what is security testing and in which all areas we carry out testing with what all methods and techniques
For any more clarifications you can write at idreams27@yahoo.com
1 
0