Discovery and Fuzzing for SQL injections with Web 2.0 Applications

Web 2.0 application assessment is becoming increasingly challenging due to their behavior and implementation of the components. It is imperative to identify hidden Web 2.0 resources and fuzz them to detect SQL injection possibilities.

This paper describes some techniques and approaches to perform effective assessment on Web 2.0 applications on the basis of our recent experience and cases which were analyzed on the field.

Download the paper in PDF format here.