• Online, Self-Paced
Course Description

Used to attack data-driven applications in which malicious SQL statements are inserted into an entry field for execution SQL Injection allows attackers to conduct a number of malicious activities to data including but not limited to becoming administrators of the database server. This course teaches how to identify, test, and exploit these vulnerabilities.

Learning Objectives

On successful completion of this course, learners should have the knowledge and skills to:

  • Test for the presence of SQL Injection vulnerabilities
  • Exploit SQL Injection vulnerabilities
  • Identify the common tools and techniques used to exploit SQL Injection vulnerabilities

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.