Video description
This video takes you through everything you need to understand SQL injection and how to prepare for attacks as well as how to prevent them. It covers vulnerable website links, basic injection attacks, database and table name discovery, and data extraction. It's everything an ethical hacker needs to know about a SQL injection attack.
Web penetration/hacking is a critical issue affecting organizations of all sizes and a SQL injection attack is widely used to perform this attack. SQL injection is a serious web security risk for many organizations used to gather sensitive information from websites. Attackers can easily compromise vulnerable systems. SQL injection is the number one risk in the market. It's easily discoverable to hackers and the impact of this type of attack is severe. It deserves the number one spot.
What You Will Learn
- Use the Sqlsus tool—an open source MySQL injection and takeover tool
- Analyze time-based SQL injection attacks
- Understand different SQL injection types
- Review error-based SQL injection attacks
- Apply various methods to retrieve table names, column names, and data
Who This Video Is For
Network security experts, web security specialists, application security experts, penetration testers, and ethical hackers.
Table of Contents
Overview
00:01:14
Introducing SQL Injection Attacks
About SQL Injection Attacks
00:02:27
Types of SQL Injection Attacks
00:02:54
Automated SQL Injection Attack
Using SQLMAP tool
00:07:57
Using the jSQL tool
00:04:39
Using the SQLSUS tool
00:07:04
Manual SQL Injection Attacks
Blind SQL Injection Attacks
00:04:10
Error-Based Injection Attacks
00:04:36
Find Vulnerable Columns
00:05:00
Find Database Names and Table Names
00:04:53
Find Column Names
00:05:01
Find Sensitive Data
00:05:33
Time-Based Injection
00:04:57