Back to all learning paths
PRACTITIONER

SQL injection

This learning path teaches you how to find and exploit SQL injection, a classic vulnerability responsible for many high-profile data breaches. This path is suitable regardless of whether you're completely new to SQL injection or want to improve your existing knowledge and skills.

Contents

Resume now: Extracting sensitive data via verbose SQL error messages - Continued

37 of 51

RESUME LEARNING


What is SQL injection? 1 of 1



How to detect SQL injection vulnerabilities 2 of 2



Retrieving hidden data 3 of 3



Subverting application logic 2 of 2



SQL injection UNION attacks 2 of 2



Determining the number of columns required 4 of 4



Finding columns with a useful data type 2 of 2



Using a SQL injection UNION attack to retrieve interesting data 2 of 2



Retrieving multiple values within a single column 2 of 2



Examining the database 5 of 5



Blind SQL injection 2 of 2



Exploiting blind SQL injection by triggering conditional responses 4 of 4



Error-based SQL injection 6 of 7



Exploiting blind SQL injection by triggering time delays 0 of 3



Exploiting blind SQL injection using out-of-band (OAST) techniques 0 of 5



SQL injection in different contexts 0 of 2



Second-order SQL injection 0 of 1



How to prevent SQL injection 0 of 2