Ethical Hacking: SQL Injection
Pluralsight
Course Summary
SQL injection remains the number one risk on the web today. Understanding how to detect it and identify risks in your web applications early is absolutely critical. This course goes through the risk in depth and helps you to become an ethical hacker with a strong SQL injection understanding. This course is part of the Ethical Hacking Series. http://blog.pluralsight.com/learning-path-ethical-hacking
-
+
Course Description
Ever since we started connecting websites to databases, SQL injection has been a serious security risk with dire ramifications. The ability for attackers to run arbitrary queries against vulnerable systems can result in data exposure, modification, and in some cases, entire system compromise. SQL injection is classified as the number one risk on the web today due to the "perfect storm" of risk factors. It's very easily discoverable, very easily exploited, and the impact of a successful attack is severe. Add to that the fact that injection risks remain rampant, it's clear how it deserves that number one spot. This course takes you through everything from understanding the SQL syntax used by attackers, basic injection attacks, database discovery and data exfiltration, advanced concepts, and even using injection for network reconnaissance and running system commands. It's everything an ethical hacker needs to know to be effective in identifying the SQL injection risk in target systems. This course is part of the Ethical Hacking Series. http://blog.pluralsight.com/learning-path-ethical-hacking
-
+
Course Syllabus
Why SQL Injection Matters- 20m 52s
—Overview 2m 23s
—The Significance of SQL Injection 5m 9s
—Executing a SQL Injection Attack 6m 1s
—The Impact of a Successful Attack 3m 35s
—SQL Injection in the Wild 2m 20s
—Summary 1m 23sUnderstanding SQL Queries- 23m 3s
—Overview 2m 55s
—Understanding Structured Query Language 6m 52s
—Statement Termination 2m 22s
—Using the SQL Comment Syntax 2m 19s
—SQL Queries Versus Data 4m 27s
—The Value of Internal Exceptions 1m 45s
—Summary 2m 20sThe Mechanics of SQL Injection Attacks- 45m 9sDiscovering Schema and Extracting Data- 45m 26sBlind SQL Injection- 46m 53sAdvanced SQL Injection Concepts- 44m 55sDefending Against Attacks- 44m 56sEvasion Techniques- 20m 43sAutomating Attacks- 33m 54s
