2017-08-06, 08:15 AM
We could have an automated test which automatically goes through all the route handlers, attempts to inject SQL, and logs if there are any irregular errors. This might help in automatically discovering SQL Injection exploits.
While prepared statements can eliminate 99.99% of exploits, they aren't perfect either.
While prepared statements can eliminate 99.99% of exploits, they aren't perfect either.