๐ฏ What You'll Learn
- Understand SQL and database basics
- Find injection points manually
- Exploit in-band injection to extract data
- Prevent injection with safe queries
About This Workbook
SQL injection remains one of the most damaging web flaws. This workbook builds from how databases and SQL work to manual exploitation and solid prevention.
Chapter 1 โ Databases & SQL
The foundation injection abuses.
- Relational basics
- SQL syntax
- How apps query data
Chapter 2 โ Finding Injection
Detecting where input reaches a query.
- Error-based clues
- Breaking queries
- Confirming injection
Chapter 3 โ Exploitation
Extracting data through injection.
- UNION-based extraction
- Reading the schema
- Dumping data
Chapter 4 โ Prevention
Stopping injection at the source.
- Parameterised queries
- Input validation
- Least privilege
Keep going. Work through each chapter in order, then apply what you learned in the matching labs.