My organization has recently been dealing with a spate of SQL injection attacks and I read about Havij, apparently...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
one of the most popular tools available to hackers for delivering these attacks. Can you suggest some methods for dealing with Havij? Is there anything that makes this specific tool stand out above others for hackers?
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
The SQL injection tool Havij stands outs from other SQL injection (SQLi) tools like SQL Ninja or SQL map because of its comprehensive features. Some Web application security scanners include functionality to check for SQLi, but Havij is much more thorough on this front. There are other SQL injection tools available that have evolved over time to include more functionality and improved ease of use, even offering GUIs. Many pen testers and attackers craft tools to look for specific attack vectors that they have discovered to be the most effective.
Some database firewalls can protect against SQL injection, which could help enterprises defend against Havij attacks on the database level. You might be able to detect a remote host that is using Havij to scan for SQL injection and then block the host before it is able to compromise the security of the system. Havij could be blocked by a web application firewall, but it also has capabilities to bypass certain WAFs or IDSs.
While Havij might be responsible for certain SQL injection attacks, there are other SQL injection tools, including Web application security scanners and manual testing, that will also cause issues for enterprises only focused on defending against a specific tool like Havij. So even if an enterprise can block attacks from Havij, it may not be able to block all SQL injection attacks. Following the guidance from OWASP via its SQL Injection Cheat Sheet is the best place to start when putting mitigations in place to protect against Havij and other SQL injection tool attacks.
Dig Deeper on Application Attacks (Buffer Overflows, Cross-Site Scripting)
Related Q&A from Nick Lewis
Malware is increasingly using DNS tunnels to aid in data exfiltration. Expert Nick Lewis explains how the attacks work and how best to defend against...continue reading
Researchers warned about the rise of a new cross-site scripting flaw involving same-origin policy. Expert Nick Lewis explains the vulnerability and ...continue reading
Malware authors are adopting software wrapping to hide malicious code and avoid detection. Expert Nick Lewis explains how to defend against the ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.