CEH v11: SQL Injection Concepts & Attacks

Ethical Hacker v11    |    Intermediate
  • 3 videos | 57m 52s
  • Includes Assessment
  • Earns a Badge
Rating 4.7 of 24 users Rating 4.7 of 24 users (24)
Many web applications store data in a back-end database and the data is then retrieved as the end user requests it from the front end. This process can allow for end-user injection of SQL queries, revealing sensitive data to the unauthorized attacker. In this course, you'll learn about SQL injection, including attack types, tools, security controls, and defense evasion techniques. Next, you'll explore error-based SQLi and how to test for and exploit this common SQLi vulnerability. SQL injections can be used to gain access to sensitive information or even allow access into a remote system, but they aren't always easily executed. To complete this course, you'll learn about blind-based SQLi methods and how to use them to access sensitive information on a remote system. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v11 (312-50) exam.

WHAT YOU WILL LEARN

  • Identify the type of sql injection attack used gain web applications that store and deliver data
    recognize the security controls and defenses that can be used to prevent sql injection attacks
    recognize the types of sql injection attacks
    describe how to find spots where sql injection could be attempted against a web application that stores and delivers data
    Describe how error-based sqli can be tested for
  • recognize how to use error-based sqli to enumerate the database
    identify ways to exploit sqli vulnerabilities
    Describe the time-based blind sqli method that can be used to access information on a remote system
    recognize the types of blind-based sqli that can be used to access sensitive information

IN THIS COURSE

  • Locked
    1.  SQL Injection Concepts
    22m 51s
    Upon completion of this video, you will be able to describe how to find spots where SQL Injection could be attempted against a web application that stores and delivers data. FREE ACCESS
  • Locked
    2.  Error-based SQLi Attacks
    20m 48s
    After completing this video, you will be able to describe how error-based SQLi can be detected. FREE ACCESS
  • Locked
    3.  Blind-based SQLi Attacks
    14m 14s
    After completing this video, you will be able to describe the time-based blind SQL injection method that can be used to access information on a remote system. FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course CEH v12: SQL Injection Concepts and Attacks
Rating 5.0 of 1 users Rating 5.0 of 1 users (1)
Course CEH v12: Social Engineering, Insider Threats, and Identity Theft
Rating 5.0 of 1 users Rating 5.0 of 1 users (1)
Course CEH v11: Cybersecurity Basics, Attacks & Information Warfare
Rating 4.6 of 242 users Rating 4.6 of 242 users (242)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course CEH v11: PKI, Cryptanalysis & Attack Countermeasures
Rating 4.4 of 18 users Rating 4.4 of 18 users (18)
Course CEH v11: Web Server Hacking, Attacks & Attack Methodologies
Rating 4.4 of 19 users Rating 4.4 of 19 users (19)
Course CEH v11: Cloud Computing, Containers, Hacking & Security Controls
Rating 4.6 of 18 users Rating 4.6 of 18 users (18)