SQL Injections (SQLi) Lab

Infosec Learning
Virtual Lab

The development of this document is funded by the Boston Area Advanced Technological Education Connections (BATEC) Grant No. NSF-0703097 thru Bunker Hill Community College. An SQL injection (SQLi) is the process of injecting unauthorized characters into SQL query statement in order to alter a response. In this lab, we will demonstrate three phases ...

Time
1 hour 30 minutes
Difficulty
Intermediate
Share
NEED TO TRAIN YOUR TEAM? LEARN MORE
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or
View all SSO options

Already have an account? Sign In »

Overview

The development of this document is funded by the Boston Area Advanced Technological Education Connections (BATEC) Grant No. NSF-0703097 thru Bunker Hill Community College.

An SQL injection (SQLi) is the process of injecting unauthorized characters into SQL query statement in order to alter a response. In this lab, we will demonstrate three phases of security (exploitation, analysis, and mitigation) in order to get a better understanding of why SQLi occur and how they can potentially be stopped.

Learning Partner
Infosec Learning

Infosec Learning provides businesses, colleges, governments, and K-12 school districts a feature rich information technology training and skill assessment service via an advanced, cloud based, virtual machine powered platform, capable of significant customization with unlimited scale and growth potential.