Hosted by Dailymotion. For legal issues report at the Copyright Center, report us on DMC, or use the Instant Removal tool.
SQL Injections_ The Full Course
D
Dias Paypal
10 Views • Jul 01, 2024
Description
Welcome to this course on SQL injection attacks! In this course, we explore one of the biggest risks facing web applications today.
We start out by creating a safe and legal environment for us to perform attacks in. Then, we cover the core concepts of SQL and injections. After that, we learn SQL injection techniques with the help of cheat sheets and references. At that point, we start to gather information about our target in order to find weaknesses and potential vulnerabilities.
Once we've gathered enough information, we go full-on offensive and perform SQL injections both by hand and with automated tools. These attacks will extract data such as tokens, emails, hidden products, and password hashes which we then proceed to crack.
After successfully attacking and compromising our targets, we take a step back and discuss defensive controls at the network, application, and database layers. We also look at actual vulnerable code and show ways of fixing that vulnerable code to prevent injections.
Please note: Performing these attacks on environments you do not have explicit permissions for is illegal and will get you in trouble. That is not the purpose of this course. The purpose is to teach you how to secure your own applications.
Pre-Requisites:
To understand how SQL injections work and how to perform them as well as defend against them, you must have:
- Experience working with web applications
- Experience with SQL
Timestamps:
About the course - 00:00 - 04:15
Setting up a safe & legal environment - 4:16 - 14:20
Getting started with OWASP ZAP - 14:21 - 18:41
SQL Concepts - 18:42 - 25:16
SQL Injections Explained - 25:17 - 35:27
SQL Injections Cheatsheets - 35:28 - 45:08
Information Gathering - 45:09 - 58:36
SQL Injections Hands-On - 58:37 - 01:14:41
SQL Injections with SQLMap - 01:14:42 - 01:23:29
Defenses at the Network Layer - 01:23:30 - 01:25:58
Defenses at the Application Layer - 01:25:59 - 01:37:49
Defenses at the Database Layer - 01:37:50 - 01:41:40
Ending Screen - 01:41:41 - 01:41:50
We start out by creating a safe and legal environment for us to perform attacks in. Then, we cover the core concepts of SQL and injections. After that, we learn SQL injection techniques with the help of cheat sheets and references. At that point, we start to gather information about our target in order to find weaknesses and potential vulnerabilities.
Once we've gathered enough information, we go full-on offensive and perform SQL injections both by hand and with automated tools. These attacks will extract data such as tokens, emails, hidden products, and password hashes which we then proceed to crack.
After successfully attacking and compromising our targets, we take a step back and discuss defensive controls at the network, application, and database layers. We also look at actual vulnerable code and show ways of fixing that vulnerable code to prevent injections.
Please note: Performing these attacks on environments you do not have explicit permissions for is illegal and will get you in trouble. That is not the purpose of this course. The purpose is to teach you how to secure your own applications.
Pre-Requisites:
To understand how SQL injections work and how to perform them as well as defend against them, you must have:
- Experience working with web applications
- Experience with SQL
Timestamps:
About the course - 00:00 - 04:15
Setting up a safe & legal environment - 4:16 - 14:20
Getting started with OWASP ZAP - 14:21 - 18:41
SQL Concepts - 18:42 - 25:16
SQL Injections Explained - 25:17 - 35:27
SQL Injections Cheatsheets - 35:28 - 45:08
Information Gathering - 45:09 - 58:36
SQL Injections Hands-On - 58:37 - 01:14:41
SQL Injections with SQLMap - 01:14:42 - 01:23:29
Defenses at the Network Layer - 01:23:30 - 01:25:58
Defenses at the Application Layer - 01:25:59 - 01:37:49
Defenses at the Database Layer - 01:37:50 - 01:41:40
Ending Screen - 01:41:41 - 01:41:50
Keywords & Tags
More from User
08:29
Bash Script For Hacker (OSINT Tool For Finding Your Target By User Name)
Dias Paypal
01:23:58
NMAP Full Guide (You will never ask about NMAP again)
Dias Paypal
01:41:51
SQL Injections_ The Full Course
Dias Paypal
36:16
Beginner's Guide to sqlmap - Full Course
Dias Paypal
Related Videos
10:00
hacking website sql injection (jshopping products) +kali linux 2.0 -part-1-
Linux
04:22
How to set static ip address and networking details in Kali Linux
The Geeky Space
00:34
Linux Basics for Hackers , Getting Started with Networking, Scripting, and Security in Kali
DorisCopeland1209
09:48
Hacking A WPA_WPA2 Protected WiFi Network Using Kali Linux [With Commentary]
New Technology Updates
00:30
Linux Basics for Hackers , Getting Started with Networking, Scripting, and Security in Kali
tuwoy
13:55
Installing Kali 2017.3 in VirtualBox - Part 1 - Installing VirtualBox and Kali Linux
prime-rad-sec