Specialized Testing: SQL Injection
This course will teach you how to test for SQL injection, one of the most common security issues in desktop and web applications alike.
What you'll learn
Since the late 1990s, SQL injection has been one of the most common security issues in desktop and web applications alike. In this course, Specialized Testing: SQL Injection, you’ll learn to audit an application for SQL injection. First, you’ll explore the mechanics of SQL injection. Next, you’ll discover the different types of SQL injection. Finally, you’ll learn how to test for SQL injection vulnerabilities. When you’re finished with this course, you’ll have the skills and knowledge of testing for SQL injection needed to audit an application for this kind of vulnerability.
Table of contents
- Introduction 2m
- Types of SQL Injection 3m
- SQL Injection Detection Workflow 4m
- Common In-band Attacks 2m
- Demo: Signing in with Arbitrary Accounts 8m
- Demo: UNION Attacks 6m
- Demo: Retrieving Additional Data 4m
- Demo: Retrieving Authentication Information 6m
- Demo: Blind SQL Injection 5m
- Demo: Out-of-band SQL Injection 4m