Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Mastering SQL Injection - The Ultimate Hands-On Course
Introduction
Course Introduction (2:19)
Getting help
Answering your questions (1:53)
SQL Injection - Technical Deep Dive
Agenda (1:28)
What is SQL Injection? (29:42)
How to Find SQL Injection Vulnerabilities? (12:09)
How to Exploit SQL Injection Vulnerabilities? (12:38)
How To Prevent SQL Injection Vulnerabilities? (8:56)
Additional Resources (0:43)
Lab Environment Setup
Lab Environment Setup (7:21)
Step-by-Step Guide
Hands-on SQL Injection Labs
Lab #1 SQL injection vulnerability in WHERE clause allowing retrieval of hidden (28:33)
Lab #2 SQL injection vulnerability allowing login bypass (33:12)
Lab #3 SQLi UNION attack determining the number of columns returned by the query (33:54)
Lab #4 SQL injection UNION attack, finding a column containing text (29:03)
Lab #5 SQL injection UNION attack, retrieving data from other tables (24:40)
Lab #6 SQL injection UNION attack, retrieving multiple values in a single column (29:18)
Lab #7 SQL injection attack, querying the database type and version on Oracle (26:45)
Lab #8 SQLi attack, querying the database type and version on MySQL & Microsoft (22:10)
Lab #9 SQL injection attack, listing the database contents on non Oracle databas (45:13)
Lab #10 SQL injection attack, listing the database contents on Oracle (40:19)
Lab #11 Blind SQL injection with conditional responses (48:33)
Lab #12 Blind SQL injection with conditional errors (44:52)
Lab #13 Blind SQL injection with time delays (19:03)
Lab #14 Blind SQL injection with time delays and information retrieval (35:31)
Note - Changes to Burp Collaborator
Lab #15 Blind SQL injection with out-of-band interaction (10:14)
Lab #16 Blind SQL injection with out of band data exfiltration (8:08)
Lab #17 SQL injection with filter bypass via XML encoding (7:10)
Lab #18 Visible error-based SQL injection (14:42)
Bonus Lecture
Bonus Lecture
Teach online with
Lab #9 SQL injection attack, listing the database contents on non Oracle databas
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock