Back to all learning paths

SQL injection

This learning path teaches you how to find and exploit SQL injection, a classic vulnerability responsible for many high-profile data breaches. This path is suitable regardless of whether you're completely new to SQL injection or want to improve your existing knowledge and skills.


Resume now: Extracting sensitive data via verbose SQL error messages - Continued

37 of 51


What is SQL injection? 1 of 1

How to detect SQL injection vulnerabilities 2 of 2

Retrieving hidden data 3 of 3

Subverting application logic 2 of 2

SQL injection UNION attacks 2 of 2

Determining the number of columns required 4 of 4

Finding columns with a useful data type 2 of 2

Using a SQL injection UNION attack to retrieve interesting data 2 of 2

Retrieving multiple values within a single column 2 of 2

Examining the database 5 of 5

Blind SQL injection 2 of 2

Exploiting blind SQL injection by triggering conditional responses 4 of 4

Error-based SQL injection 6 of 7

Exploiting blind SQL injection by triggering time delays 0 of 3

Exploiting blind SQL injection using out-of-band (OAST) techniques 0 of 5

SQL injection in different contexts 0 of 2

Second-order SQL injection 0 of 1

How to prevent SQL injection 0 of 2