SQL Injection is a type of attack where user inputs the applications with malicious SQL code and takes the control over the application’s database. Attacker may input the code through a front-end form. When the user input (malicious SQL code) passes to backend it may corrupt the databases.
Attacker uses SQL injection to bypass authentication and authorization and retrieve contents of entire database. It is also used to add, modify and delete the records in the database affecting the database integrity.
File Download and Detail:
- Lab Instruction
- Quiz
- Lab
- Slides