SQL Injection

A SQL injection attack consists of insertion or “injection” of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands.

Contents

  • What Is SQL Injection?.
  • Testing in SQL Injection.
  • Exploit SQL Injection.
  • Review Code for SQL Injection.
  • Understand Common Exploit Techniques.
  • Use Stacked Queries.
  • Identify the Database.
  • Non-Blind Fingerprint. Banner Grabbing.
  • Out-of-Band Communication.
  • Blind Fingerprint.
  • Extract Data through UNION Statements.
  • Match Columns. Match Data Types.
  • Use Conditional Statements.
  • Time-based. Error-based. Content-base.
  • Steal the Password Hashes.
  • Code Level Defenses for SQL Injection.
  • Exploit the Operating System.
  • Blind SQL Injection Exploitation.

Actual price Rs.- 5999.00

New Year Offer Rs.- 2000.00

About instructor

I love Computers, Technology and Information Security domain as a whole. Having an experience in Cyber Security, I understand the security in depth and risks that a company/organization may face.  I have experience in training students and corporate clients in the Information Security field having an expertise in Vulnerability Application and Penetration Testing (VAPT), EC-Council Certified Ethical Hacker (CEH) and Web Application Penetration Testing (WAPT).

Sumit Verma (Black Hat Hacker)

Web App Security Analyst

rating

Rated 4.8/5 based on 98 Reviews

our partners