SQL Injection | Complete Guide
Vložit
- čas přidán 26. 07. 2024
- In this video, we cover the theory behind SQL injection vulnerabilities, how to find these types of vulnerabilities from both a white box and black box perspective, how to exploit them and how to prevent them.
▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Web Security Academy Series Course: academy.ranakhalil.com/p/web-...
Mastering SQL Injection - The Ultimate Hands-On Course: www.udemy.com/course/masterin...
▬ Contents of this video ▬▬▬▬▬▬▬▬▬▬
00:00:00 - Introduction
00:02:03 - What is a SQL injection vulnerability?
00:33:44 - How to find SQL injection vulnerabilities?
00:46:49 - How to exploit SQL injection vulnerabilities?
01:00:27 - How to prevent SQL injection vulnerabilities?
01:10:23 - Resources
01:11:13 - Summary
01:11:37 - Thank You
▬ Links ▬▬▬▬▬▬▬▬▬▬
Video slides: github.com/rkhal101/Web-Secur...
Introduction to the Web Security Academy Series video: • Introduction to the We...
Web Security Academy: portswigger.net/web-security
Web Application Hacker’s Handbook: Chapter 9 Attacking Data Stores
OWASP - SQL Injection: owasp.org/www-community/attac...
OWASP - SQL Prevention Cheat Sheet: cheatsheetseries.owasp.org/ch...
PentestMonkey - SQL Injection: pentestmonkey.net/category/che...
Rana's Twitter account: / rana__khalil
Hacker Icon made by Freepik: www.freepik.com - Věda a technologie
Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨
i don't have money to purchase .
@@bigbrain786 $29 save up.
Is buying the course is intended to support you or there is an additional content added in the paid course.
I don't have money 🥺🥺 so i come here to see
Your video material is actually way better than the instructions provided in the academy itself. The guys at the academy would be crazy not to approach you to incorporate your material into their platform.
your comment made my day!
@@RanaKhalil101 That's great! I'm glad I found your write-ups too. It's just sheer competence right there. Keep up the good work.
@@eonraider4180 GG twitter.com/PortSwigger/status/1366714766895550469?s=19
This
Your material answers all the questions I have when doing the lab's when I think of "what if..." and it really helps complete the whole picture. Will probably sign up soon when I have some time and money!
Amazing work, I'm looking forward to the rest of this series!!
Huge fan! Been following you since the days of your medium writeups. Thank you for your content, you have undoubtedly upgraded my infosec career. Keep doing what you are doing. Hope you continue with videos on this subject matter.
Thank you so much, amazing work. Actually it's the most up-to-date work, covering everything from a white/grey/black box perspective. Again, thank you! You are awesome :D
Very comprehensive and insightful. Never had anyone explain SQL injection in such a manner. Was very easy to follow through. Thank you. Great work! Awaiting more content.👍
This video is incredibly helpful and insightful. I really look forward to the other videos in this series. Thank you!
You are AMAZING! Thank you so much for all the effort and time to bring such an excellent content to the community. You are an inspiration!
Where have you been all my life? Please continue working on this. This is great!
Yes........ and You comment ( My heart's words).
Hey Rana! greetings from Brazil!! Thanks for the great work and content you've been putting up. Looking foward to see your next videos!!!
Thank you so much for your amazing course, your effort and your time! I really like the consistency in the slides format & flow of explanation for each topic and how you organise the playlists for each topic with short and long versions 😊
You're the best! I love your work, and I have learned a lot from you! You deserve a million subs. Tysm😄
This is great. Thanks for doing it. Shared it with my whole team.
Best explanation I would say, simple and straight! Very helpful, thank you!
Great work! Thank you for doing this. Really means a lot to us beginners❤️ Looking forward to more such informative videos👍
This is amazing. Your video is really easy to understand and I love it! Please continue working on this
Your work is amazing!! I’m excited for more content
Subhallah! This is what I spend so many months looking for, finally gotten it for free, Thanks alot for the resources.
Wow. This is gold. Thank you very much for taking the time to make this incredible material.
Oh my goodness. Thanks so much for your hard work, it was super helpful and your video seems professionally made💙
I am totally new to this world , but your video is good to understand. Thanks
Completed the whole video. Going for the next one. Thank you so much for sharing the awesome knowledge ❤️
Really appreciate your efforts and time you put into making these tutorials , these are really helpful and qualitative .also expecting Such more tutorials based on the course ahead . again thank you for sharing your knowledge you're giving back to the community in the amazing way.🙌
I've been studying for the GSEC for work, and it's really taken away time from all of my offensive security studying, but I'm finally sitting down for some free time to study and checking out your tutorials. They've all looked great from the handful I've watched while on in the background while working, but I'm looking forward to really digging in and using them to get ready for the Burpsuite Cert after my GSEC test in December.
Thanks for all of the hard work!
Ha! Saw my old comment here and figured I'd update. I got the GSEC checked out, and now I'm back learning all of this all over again since I'm studying for the GWAPT.
Thanks again for all of the great videos!
WOW! Excellent video that clearly explains how we have to think twice (or more) before feeling safe!
Thanks so much, very clear, appreciate all of your hard work behind the scenes
My new favourite content creator! Thank you so much for this
I always hate theory but your theory videos are so practical that you can't imagine. It's helping me a lot.
Your methodology of testing is great. Well done!
so much information!
will be following with the series
Great work!! Thank you for sharing your knowledge. Looking forward to learning a lot through your channel! :)
The great super explanation I deeply loved it and waiting for more series from you.
Wow!! Simply awesome! Finally I found a channel which Deep dive into the SQL injection!
I am here after watching the Broken access vulnerability topic with David Bombal. The way of your teaching is outstanding and thanks for sharing such a valuable knowledge.
I think that you and the company you work for are amazing! Thank you for these vids!🙂
thanks for uploading this video I was constantly looking for the resource to study this topic and I finally found this video... it is very helpful
incredibly impressed this is fantastic
Thank you Rana for helping us learn!!! More power to you!
Rana, thank you so much for this video! You explain complex topics so simply and clearly! Great!
Reviewing some of these things to fresh up my memory in order to create my own content on the subject (but in italian), and well, excellently explained, thank you very much!
Assalammualaykum, greetings from Malaysia. There's so much information. Great work! Looking forward next video.
You are doing great job teaching! I wish I could have your determination and attention to detail!
Great content, I learned a lot about sqli. I'm looking forward to learn more from your future videos.
Amazing work. Thanks for providing awesome stuff for free of cost.
This is first youtube video without dislike i have ever seen. NICE and thank you for the tutorials.
Nicely explained. Great job Rana... Will be following you in entire series.
This is awesome work thank you for your insight. Keep it up :)
This is the Best Sql explanation on youtube! Keep up the good work👍
Your teaching methodolgy is really amazing. I have no previous tech experience a complete newbie with some basic knowledge and I completey understand what is being explained. Thank you so much for putting in so much of time and efforts and keep up the good work ma'm.
This was extremely helpful! As someone who was a bit lost in the Web Security Academy this helped fill in the gaps so much. Thank you for this!
Thank you for your hard work .. lots of information packed into this video.
I just subscribed. You are very easy to understand and I am excited for more SQL content.
Concise and straight to the point
Outstanding information, looking forward to continuing the lectures....Thank you
Your voice is so soothing. Loved your content. Subscribed
Thanks a lot, im watching it another time because its useful !!
Amazing explanation. very clear and right to the point.
I've enjoyed your previous write-ups but this video is sooo stellar!! I've always struggled with getting a good handle on SQLi in the past and mostly just left it up to the automated tools but this guide has given me a much better approach and methodology to apply to injection scenarios. I really appreciate your efforts and look forward to future videos!
Thank you! The next 16 videos cover SQLi hands on exercises. By the end of this module, not only will you be become a pro at exploiting SQLi vulnerabilities manually but you'll also learn how to automate the exploitation in python ;)
@@RanaKhalil101 I started thinking about the flow of a python script for this as you were explaining the boolean-based injection. I'm still a python novice however so appreciate learning new methods. 😁
Loved it.. Pls don't stop this series.. ♥
Nicely Explained!
Thank You!
This was great content, thanks!
im glad that i found your channel 1 month ago.. such good content mashallah. keep the contents coming ^_^
I found out about your work on David Bombal's channel. Your channel is fantastic!
Awesome work Rana !!!!
wow going to support this channel till the end !!!
Nice tutorial. 👍 I wanna see more tutorials from different topics. 😊
Keep up the good work and good looks Chica
Great content,thank you so much👍..after searching a lot of video finally got it right video
Thank you for such an awesome explanation :)
Big promoter of your amazing content. Thanks for sharing with the community. 🙏
Admirable ❤️
This video is so important for beginner.Thanks a lot mam for your great initiative.please keep it continuous.
These videos are so awesome that I'm watching and taking notes on New Year's Eve, and I'm truly enjoying myself. Thank you! (And happy new year!)
This comment made my day! Happy new year!
This was awesome content. Thanks for this one. Soon I will enroll in your course in the website.
Thank you for posting just a great and informative video. I hope all your dreams come true.
Well done, I am really impressed and a very informative one. Please keep up you good work and expecting more video.
I just wanna say Thank You!. Your videos are awesome.
Thank you so much for this amazing explanation!!!!
Great efforts and quality video...Thank you so much..
I liked this video even before starting. I love the givers !! Sply rahana I follow you in twitter. Tha ks for sharing your knowledge. Keep going great ! Love you voice too ❤️
You are awesome for this!! Thank you!!
Really great video, thank you
Great job! Thanks!
Easy to follow explanation. Great presentation! -:)
Looking forward to more content from you ❤
MASHALLAH, PROFESSIONAL WAY OF PRESENTATION
Thank you, I understand so much better now.
Thank you so much.your making this so easy to understand
You know I have never wrote a single comment in CZcams but your videos make me do it . Thank you so much for your video and please keep it up 👏
The best instruction on SQL injection!
Thaaank you so much for your videos Rana and the way you make them and time to create them and everything!! much appreciated ♥♥
You were definitely made for this ❤🔥❤🔥❤🔥❤🔥🔥🔥🔥🔥❤❤❤❤❤❤perfect content
with this guide, its easy to understand SQLI , thank u
wow I can't get enough of your videos, especially this one
It's just amazing and so informative.
Thank you so much.☺️👍
great explanation!
Nice explanation, thank you
I am looking forward see rest of the content soon
This is great thank you so much ^^