6005-CEM Security

Introduction

6005-CEM Security

Home
Essentials
Essentials
- Module Guide
- Assessment
  Assessment
- Teaching and Learning
- MS Teams
Guides
Guides
Further Hacking
Week 1 Introduction
Week 1 Introduction
- Materials
  Materials
- Lab Tasks
  Lab Tasks
  - Lab Tasks
  - Video Walkthrough
- Videos
  Videos
  - Video "Lectures"
Week 2 Legal Factors
Week 2 Legal Factors
- Materials
  Materials
- Online Lecture
  Online Lecture
  - Lecture
  - Task
- Lab
  Lab
  - Lab Session
Week 3 Secure Design and Infrastructure
Week 3 Secure Design and Infrastructure
- Materials
  Materials
- Online Lectures
  Online Lectures
  - Lecture
- Labs
  Labs
  - Port Scanner
Week 4 Cryptography (Hashing)
Week 4 Cryptography (Hashing)
- Materials
  Materials
- Online Lectures
  Online Lectures
  - Lecture
- Lab Session
  Lab Session
  - Using Hashes
Week 5 Cryptography (Encryption)
Week 5 Cryptography (Encryption)
- Materials
  Materials
- On Campus Lab Session
  On Campus Lab Session
  - Chat Client
Week 6 Common Vulnerblitlites and Audit
Week 6 Common Vulnerblitlites and Audit
- Materials
  Materials
Week 7 HTTP, Requests and Sessions
Week 7 HTTP, Requests and Sessions
- Introduction
- The HTTP Protocol and Requests
  The HTTP Protocol and Requests
- Authentication and Sessions
  Authentication and Sessions
- Lab Tasks
  Lab Tasks
  - Requests Tasks
  - Sessions Tasks
Week 8 SQL Injection
Week 8 SQL Injection
- Introduction
- Videos
- Materials
  Materials
- Lab Tasks
  Lab Tasks
  - Lab Task
Week 9 Shells and XSS
Week 9 Shells and XSS
- Introduction
- Videos
- Materials
  Materials
- Lab Session
  Lab Session
  - Lab Task
Week 10 Overflows
Week 10 Overflows
- Introduction
- Materials
  Materials
- Lab Session
  Lab Session
  - Lab Session

Web Vulnerability's: SQL Injection

This week we are going to look at SQL injection.

Injection based attacks come in at number one in the OWASP top 10. While injection covers a wide range of issues, SQL injection is one of the more common problems.

We will have a quick recap of SQL syntax, then look at how SQL injection attacks happen. We will then look at two practical aspects for SQL injection.

First we will modify a query so we get positive result that can help us modify functionality
We will then look at injecting elements into the query that allow us to get data from the database, and its associated tables.