Used to attack data-driven applications in which malicious SQL statements are inserted into an entry field for execution SQL Injection allows attackers to conduct a number of malicious activities to data including but not limited to becoming administrators of the database server. This course teaches how to identify, test, and exploit these vulnerabilities.
On successful completion of this course, learners should have the knowledge and skills to:
- Test for the presence of SQL Injection vulnerabilities
- Exploit SQL Injection vulnerabilities
- Identify the common tools and techniques used to exploit SQL Injection vulnerabilities
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.