Name: Web Application Hacking: Advanced SQL Injection and Data Store Attacks (W29)
Price: 250.00 USD
Availability: InStock

Description

Enroll Now!

18 CPE Credits

Self-paced

What will students learn ?

- SQL Injection attacks and methods

- More injection methods to XPath, LDAP and NoSQL

- Security measures

- Practical experience in attacking data stores

What skills will students gain ?

- Data store exploitation

- Practical experience in SQL injection and other data store injection methods

- Securing their web application from data store injection attacks

What will students need?

- PC with a preferred operating system (Mac OSX 10.5+, Windows 7+, Linux)

What should students know before they join?

- Basics and understanding of an SQL language

- Basics and understanding of web applications and how they work

- Basics of HTML, data structures and programming

SYLLABUS

Module 1

Introduction to SQL, Data stores, Data Store Injection and SQL Injection

In this module, we will quickly examine how SQL and Data stores work in a web server, and we will be introduced to data store attacking and some Injection methods with practical examples, attacking web applications with conventional methods.

- Introduction to SQL and Data Stores

- Introduction to Data Store Attacks

- Introduction to Injection attacks (SQL, XML etc.)

- Practical Injection examples

- Exercises

Module 2

Advanced SQL Injection

In module 2, we dive deep into SQL Injection with advanced ways and we will see ways to encrypt our attacks to make it more effective in the new ways of security, all these with practical, real world examples.

- Bypassing filters

- Injecting into Different Statement Types

- Extracting Useful Data

- Second-Order SQL Injection

- And more

- Exercises

Module 3

Injecting into XPath, LDAP and NoSQL

In module 3, we will examine more ways of injection in data stores starting with NoSQL, XPath and LDAP, but not limited to them, advancing our data store injection knowledge.

- Injecting into NoSQL

- Injecting into XPath

- Injecting into LDAP

- Exercises

Module 4

Data Store web application security measures

Finally, in module 4, we will see prevention methods with practical examples for our data store applications, build from the previous examples. The prevention methods will be complex and combined methods for our web applications.

- Preventing SQL Injection

- Basic Methods

- Parameterized Queries

- Data Sanitization

- Security to other data store types

- Exercises

Final Quiz

Instructor: Thomas Sermpinis

- 8 years of experience in the Security sector

- Java, C++, Python

- Editor of “Penetration Testing with Android Devices”, “Penetration Testing with Kali 2.0” courses of PenTest Magazine.

- Editor of “Android Malware Analysis” course on eForensics Magazine.

- Editor on DeltaHacker Magazine

- 4 years of blogging on Penetration Testing topics

- Hacking and Android Enthusiast

Reviews

There are no reviews yet.

Be the first to review “Web Application Hacking: Advanced SQL Injection and Data Store Attacks (W29)”

LOGIN

Web Application Hacking: Advanced SQL Injection and Data Store Attacks (W29)

Courses Included

Description

Enroll Now!

What will students learn ?

SQL Injection attacks and methods

More injection methods to XPath, LDAP and NoSQL

Security measures

Practical experience in attacking data stores

What skills will students gain ?

Data store exploitation

Practical experience in SQL injection and other data store injection methods

Securing their web application from data store injection attacks

What will students need?

PC with a preferred operating system (Mac OSX 10.5+, Windows 7+, Linux)

What should students know before they join?

Basics and understanding of an SQL language

Basics and understanding of web applications and how they work

Basics of HTML, data structures and programming

SYLLABUS

Module 1

Introduction to SQL, Data stores, Data Store Injection and SQL Injection

In this module, we will quickly examine how SQL and Data stores work in a web server, and we will be introduced to data store attacking and some Injection methods with practical examples, attacking web applications with conventional methods.

Introduction to SQL and Data Stores

Introduction to Data Store Attacks

Introduction to Injection attacks (SQL, XML etc.)

Practical Injection examples

Exercises

Module 2

Advanced SQL Injection

In module 2, we dive deep into SQL Injection with advanced ways and we will see ways to encrypt our attacks to make it more effective in the new ways of security, all these with practical, real world examples.

Bypassing filters

Injecting into Different Statement Types

Extracting Useful Data

Second-Order SQL Injection

And more

Exercises

Module 3

Injecting into XPath, LDAP and NoSQL

In module 3, we will examine more ways of injection in data stores starting with NoSQL, XPath and LDAP, but not limited to them, advancing our data store injection knowledge.

Injecting into NoSQL

Injecting into XPath

Injecting into LDAP

Exercises

Module 4

Data Store web application security measures

Finally, in module 4, we will see prevention methods with practical examples for our data store applications, build from the previous examples. The prevention methods will be complex and combined methods for our web applications.

Preventing SQL Injection

Basic Methods

Parameterized Queries

Data Sanitization

Security to other data store types

Exercises

Final Quiz

Instructor: Thomas Sermpinis

8 years of experience in the Security sector

Java, C++, Python

Editor of “Penetration Testing with Android Devices”, “Penetration Testing with Kali 2.0” courses of PenTest Magazine.

Editor of “Android Malware Analysis” course on eForensics Magazine.

Editor on DeltaHacker Magazine

4 years of blogging on Penetration Testing topics

Hacking and Android Enthusiast

Reviews

Related products

API Security: Offence and Defence (W35)

Bypassing Web Application Firewall (W30)

(W28) Malware Analysis using Volatility

Product Categories

Cart