posted 9 years ago
Absolutely. Contrast does a great job with all kinds of injection. Basically, Contrast looks for any untrusted data that flows through your code and makes it to a SQL query. All you have to do is use your application normally and Contrast will do all the work. You don't have to type in any attacks! Let me know what you find.