IIS 6 SQL Injection ISAPI

This ISAPI DLL prevents SQL Injection attempts by intercepting the HTTP requests and sanitizing both GET and POST variables (or any combination of both) before the request reaches the intended code.

This is especially useful for legacy applications not designed to deal with MS SQL Server Injection attempts. Though this application was designed with MS SQL Server in mind, it can be used with no or minimal changes with other database engines.

This ISAPI is only compatible with Internet Information Server (IIS) 6.0
I experienced some problems with latest version of this tool because my IIS crashed, I contacted Rodney Viana and he provided me answer useful for troubleshooting.
Tags: ,

About author

Vittorio Pavesi