The book is divided into 8 parts that include 26 chapters and 3 appendixes. Database systems are discussed in separate sections:
Part I, Introduction
Chapter 1, Why Care About Database Security?
Part II, Oracle
Chapter 2, The Oracle Architecture
Chapter 3, Attacking Oracle
Chapter 4, Oracle: Moving Further into the Network
Chapter 5, Securing Oracle
Part III, DB2
Chapter 6, IBM DB2 Universal Database
Chapter 7, DB2: Discovery, Attack, and Defense
Chapter 8, Attacking DB2
Chapter 9, Securing DB2
Part IV, Informix
Chapter 10, The Informix Architecture
Chapter 11, Informix: Discovery, Attack, and Defense
Chapter 12, Securing Informix
Part V, Sybase ASE
Chapter 13, The Sybase Architecture
Chapter 14, Sybase: Discovery, Attack, and Defense
Chapter 15, Sybase: Moving Further into the Network
Chapter 16, Securing Sybase
Part VI, MySQL
Chapter 17, MySQL Architecture
Chapter 18, MySQL: Discovery, Attack, and Defense
Chapter 19, MySQL: Moving Further into the Network
Chapter 20, Securing MySQL
Part VII, SQL Server
Chapter 21, Microsoft SQL Server Architecture
Chapter 22, SQL Server: Exploitation, Attack, and Defense
Chapter 23, Securing SQL Server
Part VIII, PostgreSQL
Chapter 24, The PostgreSQL Architecture
Chapter 25, PostgreSQL: Discovery and Attack
Chapter 26, Securing PostgreSQL
Appendix A, Example C Code for a Time-Delay SQL Injection Harness
Appendix B, Dangerous Extended Stored Procedures
Appendix C, Oracle Default Usernames and Passwords
Within each section, we discuss the basics of the architecture of the database: how to find it in a network, roughly how it's structured, and any architectural peculiarities it may have. We then move on to describe how the system can be attacked, covering the various categories of security problems, how these problems can be used by an attacker, and how you can defend against them. We then discuss the ways in which an attacker can gain further access to the network, having compromised the database server. Finally, we discuss the best approaches to securing the database system, in a handy quick-reference guide.