SQL Injection یکی از رایج ترین آسیب پذیری های تزریقی است که در برنامه های کاربردی تحت وب مورد سوء استفاده قرار می گیرد و خطرات امنیتی جدی برای سازمان ها ایجاد می کند. به عنوان یک پنتستر برنامه وب یا شکارچی باگ، بسیار مهم است که بفهمیم چه چیزی باعث آسیب پذیریهای SQL Injection میشود، چگونه میتوان آنها را شناسایی کرد و چگونه میتوان از آنها سوء استفاده کرد. توانایی مهاجمان برای اجرای پرسوجوهای دلخواه در برابر سیستمهای آسیبپذیر میتواند منجر به قرار گرفتن در معرض دادهها، اصلاح و در برخی موارد به خطر افتادن کل سیستم شود. آسیبپذیریهای SQL Injection معمولاً توسط توسعهدهندگان نادیده گرفته میشوند، عمدتاً به دلیل فقدان دانش در مورد اینکه چگونه سؤالات SQL میتوانند توسط مهاجمان ایجاد شوند. این دوره شما را با همه چیز آشنا می کند، از معرفی SQL Injection، توضیح تفاوت بین SQLi درون باند و خارج از باند، و به شما نشان می دهد که چگونه آسیب پذیری های تزریق SQL را در برنامه های تحت وب از طریق ترکیبی شناسایی و از آن بهره برداری کنید…
لینک دانلود دوره آموزشی INE – Web Application Penetration Testing SQL Injection Attacks
حجم: 8.43 گیگابایت
دانلود – بخش اول
دانلود – بخش دوم
دانلود – بخش سوم
دانلود – بخش چهارم
دانلود – بخش پنجم
دانلود – بخش ششم
دانلود – بخش هفتم
دانلود – بخش هشتم
دانلود – بخش نهم
رمز فايل: technet24.ir
Anatomy of an SQL Injection Attack
Date: 2023
Publisher: INE
INSTRUCTOR: Alexis Ahmed
Duration: 16h 57m
DIFFICULTY LEVEL: Professional
SQL Injection is one of the most commonly exploited injection vulnerabilities in web applications and poses a serious security risk to organizations. As a web application pentester or bug bounty hunter, it is vitally important to understand what causes SQL Injection vulnerabilities, how they can be identified, and how they can be exploited. The ability for attackers to run arbitrary queries against vulnerable systems can result in data exposure, modification, and in some cases, entire system compromise. SQL Injection vulnerabilities are often misunderstood and overlooked by developers primarily due to a lack of knowledge on how SQL queries can be weaponized by attackers. This course will take you through everything from introducing you to SQL Injection, explaining the difference between In-Band, Blind, and Out-of-band SQLi, and will show you how to identify and exploit SQL Injection vulnerabilities in web applications through a mix of both manual and automated techniques.
Welcome
Introduction
Activities:1
Course Introduction
Lessons
SQL Injection Fundamentals
Activities:6
Introduction to SQL Injection
Test your knowledge: Introduction to SQL Injection
Anatomy of an SQL Injection Attack
Test your knowledge: Anatomy of an SQL Injection Attack
Types of SQL Injection Vulnerabilities
Test your knowledge: Types of SQL Injection Vulnerabilities
Databases
Activities:4
Introduction to Databases & DBMS
Test your knowledge: Introduction to Databases & DBMS
Relational vs NoSQL Databases
Test your knowledge: Relational vs NoSQL Databases
SQL Primer
Activities:5
Introduction to SQL
Test your knowledge: Introduction to SQL
SQL Fundamentals – Part 1
SQL Fundamentals – Part 2
SQL Basics
Finding SQLi Vulnerabilities
Activities:8
Hunting for SQL Injection Vulnerabilities – Part 1
Hunting for SQL Injection Vulnerabilities – Part 2
Test your knowledge: Hunting for SQL Injection Vulnerabilities – Part 2
Finding SQL Injection Vulnerabilities Manually – Part 1
Finding SQL Injection Vulnerabilities Manually – Part 2
Test your knowledge: Finding SQL Injection Vulnerabilities Manually – Part 2
Mutillidae 2
Finding SQL Injection Vulnerabilities with OWASP ZAP
In-Band SQL Injection
Activities:8
Exploiting Error-Based SQL Injection Vulnerabilities – Part 1
Exploiting Error-Based SQL Injection Vulnerabilities – Part 2
Test your knowledge: Exploiting Error-Based SQL Injection Vulnerabilities – Part 2
PHPMyRecipes
Exploiting Union-Based SQL Injection Vulnerabilities – Part 1
Exploiting Union-Based SQL Injection Vulnerabilities – Part 2
Test your knowledge: Exploiting Union-Based SQL Injection Vulnerabilities – Part 2
Vulnerable Results Portal: Union Based SQLi
Blind SQL Injection
Activities:10
Introduction to Boolean-Based SQL Injection Vulnerabilities
Test your knowledge: Introduction to Boolean-Based SQL Injection Vulnerabilities
OpenSupports
Exploiting Boolean-Based SQL Injection Vulnerabilities – Part 1
Exploiting Boolean-Based SQL Injection Vulnerabilities – Part 2
Victor CMS
Exploiting Time-Based SQL Injection Vulnerabilities – Part 1
Exploiting Time-Based SQL Injection Vulnerabilities – Part 2
Test your knowledge: Exploiting Time-Based SQL Injection Vulnerabilities – Part 2
CiMe Citas Medicas
NoSQL Injection
Activities:7
NoSQL Fundamentals – Part 1
NoSQL Fundamentals – Part 2
Test your knowledge: NoSQL Fundamentals – Part 2
MongoDB: Basics
MongoDB NoSQL Injection
Test your knowledge: MongoDB NoSQL Injection
MongoDB: NoSQL injection
Goodbye
Conclusion
Activities:1
Course Conclusion
woow tnks for share