Web Application Hacking: Advanced SQL Injection and Data Store Attacks - Workshop eBook


14 items sold

Get the access to all our courses via Subscription


Categories: ,

Dear students,

We gathered all the reading materials from the course “Web Application Hacking: Advanced SQL Injection and Data Store Attacks” and prepared a stand alone ebook. While reading this workshop you will examine how SQL and Data stores work in a web server, and you will be introduced to data store attacking and several injection methods with practical examples. You will dive deep into SQL Injection with advanced ways and you will see ways to encrypt your attacks to make it more effective.

Note: Some of the original course materials, like videos or particular exercises, are not presented in this issue. If you would like to gain access to all the materials, you have to enroll in the course.

The main aim of this e-book is to present our publication to a wider range of readers. We want to share the material we worked on and we hope we can meet your expectations.

Enjoy your reading,
Hakin9 Magazine
Editorial Team

This e-book contains text materials from the course.

>>Download Preview<<

>>Table of Contents<<

Web Applications & SQL: Introduction and suggested reading

Module 1
Introduction to SQL, Data stores, Data Store Injection and SQL Injection

    • Data Store Injection
    • Introduction to XML, JavaScript and SQL injection attacks
    • Different Statement Injection
    • UNION Operator
    • Database Fingerprinting

Module 2
Advanced SQL

    • Bypassing filters
    • Injecting into Different Statement Types
    • Extracting Useful Data
    • Second-Order SQL Injection

Module 3
Injecting into XPath, LDAP and NoSQL

Module 4 

Data Store web application security measures

    • NoSQL Injection
    • Securing your DataStore (Input Validation, Output Encoding, Parametrized Queries, Least Privileges, and more)
    • Securing LDAP, XPath and NoSQL
    • Conclusion


Nowadays, web applications are everywhere in the internet or in local networks. From personal blogs, to bank applications, every modern web site and service uses web applications for a better, more secure and reliable service. But is our web site or service, really safe? In this course, we start data store application hacking, such as SQL Injection, XPath injection, etc., which may be the most serious type of attacks, that can leak sensitive information from the hosting site, such as usernames and passwords.

 SELF-PACED, 18 CPE Credits 

What will students learn?

    • SQL Injection attacks and methods
    • More injection methods to XPath, LDAP and NoSQL
    • Security measures
    • Practical experience in attacking data stores

What skills will students gain?

    • Data store exploitation
    • Practical experience in SQL injection and other data store injection methods
    • Securing their web application from data store injection attacks

What will students need?

    • PC with a preferred operating system (Mac OSX 10.5+, Windows 7+, Linux)

VISIT COURSE>>> Syllabus 


There are no reviews yet.

Be the first to review “Web Application Hacking: Advanced SQL Injection and Data Store Attacks - Workshop eBook”

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023