In this video, learn one of the most important Top 10 OWASP threats, how a SQL attack works.
- [Instructor] Let's take a deeper look … at one of the common web server attacks, … the SQL injection. … We can demonstrate this by using an SQL Python script … to directly interact with the MySQL database. … It doesn't need to go through a web interface, … but the results are the same. … If you want to follow along with this, … you'll need to install MySQL … and the Python MySQL connector library onto Scorpio. … We can see that the program imports the system … in MySQL connector libraries … and then checks that there's a single argument on the call. … This is the User ID we'll be searching for … in our SQL query. … Then we connect to the database … which is on this host … and run a query … with the results being saved in the cursor. … The printing code is general purpose and includes a loop. … This allows for multiple responses in the query. … I've coded it to detect four elements in a row … and format the output according to our customer data. … Let's see what happens when we run this. …
- Hackers and the kill chain
- Viruses, spyware, and adware
- Detecting malware with Windows Defender
- Using Windows Firewall and Linux iptables
- Scanning with Nmap
- Monitoring network communications with Netcat
- Combating application-level threats
- Scanning a website to check for vulnerabilities
- Capturing intruders through packet inspection
Skill Level Beginner
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Intermediate
1. Why Cybersecurity?
4. Network Scanning
5. Network Connections
6. Vulnerability Scanning
7. Web Applications
8. Monitoring Packets
Next steps1m 27s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.