Jay Taylor's notesback to listing index
How to audit for SQL injection in production environments[web search]
Original source unknown
Clipped on: 2011-11-17
- Build a map of pairs of unique queries / hash of query
- Make sure these queries look good
- Now you have a whitelist of audited queries, whenever you see a new type of query, review to make sure it looks okay.
Thanks goes to Artem Veremey for this.