EXHAUSTIVE SECURITY FUZZING FOR TRANSACT STRUCTURED QUERY LANGUAGE
First Claim
Patent Images
1. A computer implemented system comprising the following computer executable components:
- a fuzzing system that receives explicit user specified parameters for penetration testing of SQL server(s) associated therewith; and
a fuzzing component as part of the SQL server to provide an entry point for the fuzzing system and update the explicit user specified parameters.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods that incorporate fuzzing capabilities within an SQL server to facilitate penetration testing. A fuzzing component associated with the SQL server provides an entry point for accessing the fuzzing system to update explicit user specified parameters associated with SQL, wherein the server'"'"'s in depth knowledge regarding semantics of the language code (e.g., manner of parsing) can be employed to determine vulnerabilities thereof.
55 Citations
20 Claims
-
1. A computer implemented system comprising the following computer executable components:
-
a fuzzing system that receives explicit user specified parameters for penetration testing of SQL server(s) associated therewith; and a fuzzing component as part of the SQL server to provide an entry point for the fuzzing system and update the explicit user specified parameters. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer implemented method comprising the following computer executable acts:
-
supplying entry points for accessing a fuzzing system of an SQL server; and replacing user input for the fuzzing system with fuzz values that are created within the SQL server. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer implemented system comprising the following computer executable components:
-
fuzzing means for penetration testing of an SQL server; and means for providing an entry point for the fuzzing means.
-
Specification