Mastering SQL Injection - The Ultimate Hands-On Course

Name: Mastering SQL Injection - The Ultimate Hands-On Course
Price: 9.99 USD
Rating: 4.7 (567 reviews)

How to Find, Exploit and Defend Against SQL Injection Vulnerabilities. For Ethical Hackers, Developers & Pentesters

Bestseller

(567 ratings)

15,623 students

Created by Experts with David Bombal, Rana Khalil, David Bombal

Last updated 8/2023

English

English [Auto], Indonesian [Auto],

What you'll learn

Learn how to find SQL Injection vulnerabilities from both a black-box and white-box perspective.
Learn how to exploit SQL Injection vulnerabilities of varying difficulty levels.
Gain hands-on experience exploiting SQL injection vulnerabilities using Burp Suite Community and Professional editions.
Learn how to automate attacks in Python.
Learn how to defend against SQL Injection vulnerabilities.

Requirements

Basic knowledge of computers (i.e. how to use the internet).
Basic knowledge of web fundamentals (HTTP requests, methods, cookies, status codes, etc.).
Basic knowledge of SQL commands and query structure.
Latest version of Kali Linux VM (free download).
PortSwigger Web Security Academy account to access the labs (free registration).
Basic knowledge of Python Scripting.

Description

For the longest time, up until a few years ago, SQL Injection fell under the number one most critical security risk facing web applications today. Although the vulnerability itself is simple to learn and exploit, it can potentially lead to disastrous consequences that leave an organization open to severe risks such as sensitive information disclosure, authentication bypass and even remote code execution.

In this course, we dive into the technical details behind SQL Injection vulnerabilities, the different types of SQL injection vulnerabilities, how to find them from both a black-box and a white-box perspective and cover the different ways to exploit SQL injection vulnerabilities. We also go through prevention and mitigation techniques on how to prevent and mitigate these types of vulnerabilities.

This is not your average course that just teaches you the basics of SQL Injection. This course contains over 9 hours worth of content that not only describes the technical details behind SQL Injection vulnerabilities, but also contains 18 labs that give you hands-on experience exploiting real-world examples. The labs are of varying difficulty levels starting with really simple examples and slowly moving up in difficulty.

If you're a penetration tester, application security speciality, bug bounty hunter, software developer, ethical hacker, or just anyone interested in web application security, this course is for you!

Who this course is for:

Penetration testers that want to understand how to find and exploit SQL injection vulnerabilities.
Software developers that want to understand how to defend against SQL injection vulnerabilities.
Bug bounty hunters that want to understand how to find and exploit SQL injection vulnerabilities.
Individuals preparing for the Burp Suite Certified Practitioner (BSCP) exam.
Individuals preparing for the OSWE certification.

Experts with David Bombal

Experts helping you become an expert.

4.7 Instructor Rating
56,499 Reviews
1,173,844 Students
38 Courses

David Bombal, together with some of the best minds in the industry is offering courses on a wide range of topics including networking, programming and software development. Our team has decades of experience teaching students from all over the world.

Together we can do more!

David Bombal (CCIE #11023 Emeritus) passed his Cisco Certified Internetwork Expert Routing and Switching exam in January 2003 and is one of a small percentage of Cisco Engineers that pass their CCIE labs on their first attempt.

David qualified as a Cisco Certified Systems Instructor (CCSI #22787) many years ago! He has been training Cisco courses for over 15 years and has delivered instructor led courses in various countries around the world covering a wide range of Cisco topics from CCNA to CCIE.

He has also personally developed Cisco engineer utilities such as the VPN Config Generator, software, training materials, EBooks, videos and other products which are used throughout the world.

David has designed, implemented and managed networks ranging from single sites to those that span 50 countries.

Rana Khalil

Application Security Engineer Team Lead

4.6 Instructor Rating
1,318 Reviews
23,422 Students
5 Courses

Rana Khalil is an accomplished Application Security Engineer currently steering the digital safety ship in Canada's dynamic public and private sectors. With her cutting-edge expertise, she's not only securing applications, but also shaping the future of cybersecurity across the nation.

She holds a Bachelor's and Master’s degree in Computer Science and is OSCP certified. She has spoken about her research at various local and international conferences, and received several awards and honorable mentions for her contributions to the cybersecurity community.

Rana has also founded her own online academy where she teaches web application penetration testing. Her mission? To make cybersecurity education affordable and keep the digital frontier safe, one application at a time.

David Bombal

CCIE #11023, over 20 years of network training experience

4.7 Instructor Rating
136,897 Reviews
1,290,012 Students
48 Courses

David qualified as a Cisco Certified Systems Instructor (CCSI #22787) many years ago! He has been training Cisco courses for over 20 years and has delivered instructor led courses in various countries around the world covering a wide range of Cisco topics from CCNA to CCIE.

David is very active on social media and has over 2 million YouTube subscribers and has posted over 1,000 free videos.