|
(W00) Course Instructions |
|
00:00:00 |
|
(W29M00) Pre-course materials |
|
00:00:00 |
Module 1: Introduction to SQL, Data stores, Data Store Injection and SQL Injection |
|
(W29M01) Introduction to SQL and Data Stores |
|
00:00:00 |
|
(W29M02) Introduction to Injection Attacks |
|
00:00:00 |
|
(W29M03) Database Fingerprinting |
|
00:00:00 |
|
(W29M04) Module 1 Presentation Videos |
|
00:00:00 |
|
(W29M01A01) Exercises |
30, 00:00 |
Module 2: Advanced SQL Injection |
|
(W29M05) Extracting Data |
|
00:00:00 |
|
(W29M06) Bypassing filters |
|
00:00:00 |
|
(W29M07) Second-Order SQL Injection |
|
00:00:00 |
|
(W29M08) Advancing the SQL Injection |
|
00:00:00 |
|
(W29M09) Blind SQL Injection |
|
00:00:00 |
|
(W29M10) Blind SQL Injection Using Time Delays |
|
00:00:00 |
|
(W29M11) From SQL Injection to File System Access |
|
00:00:00 |
|
(W29M12) References |
|
00:00:00 |
|
(W29M02A01) Module 2 Exercises |
30, 00:00 |
Module 3: Injecting into XPath, LDAP and NoSQL |
|
(W29M13) SQL Injection Encoding and Evasion Techniques |
|
00:00:00 |
|
(W29M14) Automating SQL Injection |
|
00:00:00 |
|
(W29M15) XPath Injection |
|
00:00:00 |
|
(W29M16) LDAP Injection |
|
00:00:00 |
|
(W29M17) References and Support Material |
|
00:00:00 |
|
(W29M03A01) Module 3 Exercises |
30, 00:00 |
Module 4: Data Store web application security measures |
|
(W29M18) NoSQL Injection |
|
00:00:00 |
|
(W29M19) Securing your DataStore (Input Validation, Output Encoding, Parameterized Queries) |
|
00:00:00 |
|
(W29M20) Securing your DataStore (Least Privileges, Canonicalization, Handling Sensitive Data) |
|
00:00:00 |
|
(W29M21) Securing LDAP, XPath and NoSQL |
|
00:00:00 |
|
(W29M22) Conclusion |
|
00:00:00 |
|
(W29M23) Resources and Reading Material |
|
00:00:00 |
|
(W29M24) Workshop eBook |
|
00:00:00 |
|
(Q29) Advanced SQL Injection and Data Store Attacks Final Exam |
|
00:30:00 |