웹 개발자와 정보보안 입문자가 꼭 알아야 할 웹 해킹 & 시큐어 코딩
크리핵티브
정보보안 입문자와 웹 개발자 분들을 위한 웹 해킹 입문 강의! 본 강의를 시작으로 웹 해킹을 재미있게 시작해보세요!
초급
모의해킹, 인젝션
BEST
Advanced SQL Injection Attack Techniques Explained by a Simulated Hacking Practitioner: PART 2
The second lecture on SQL Injection, taught by a mock hacking practitioner! The first lecture covered the basics and the core principles of attacks, while the second lecture is about technical advanced attack techniques. Therefore, taking the first lecture is a must!
Reviews from Early Learners
What you will learn!
SQL Injection application attack technique
Advanced SQL Injection Attack Techniques
New Blind-Based SQL Injection
Advanced/Applied SQL Injection Attack Techniques You've Never Seen Before!
We present a new direction for mock hacking attacks.
📖 A series of SQL Injection attacks taught by a mock hacking expert!
- PART(1) : Basics / Practical Attacks / Secure Coding ◀ Previous lecture
This training covers the most important content in SQL Injection attacks. You can learn attack techniques used in practice from the basics, various countermeasures, and secure coding. This is a required training that serves as the basis for subsequent training.
- PART(2) : Application / Advanced / Advanced ◀ Current lecture
This is training on applied attack techniques and advanced attack techniques not covered in PART (1).
- PART(3) : Making an automated tool ◀ To be made
This is a training course that applies the attack techniques learned to an automation tool to create a Python-based automation tool.
📖 Differences between SQL Injection Part 1 & 2!
If the previous lecture Part (1) was about the basics and principles of attacks, and the core theory and practice of attacks, this lecture covers the technical aspects of SQL Injection attacks . Therefore, Part (1) is the backbone of this lecture, so it is recommended that you take Part (1) first and then Part (2).
📖 How have SQL Injection attacks been carried out?
If any of the items below apply to you, you can solve them quickly and easily through this lecture!
- Have you ever been unable to attack in an environment where there are no posts on the bulletin board, or have you ever conducted a time-based attack?
- When performing Error-Based or Union-Based attacks, didn't you extract data one by one?
- In a Blind-Based attack, didn't you make at least 7 requests to infer one character?
- Did you know that file download vulnerability attacks are possible in the file download function linked to a database?
- Did you know that data retrieval attacks via Union-Based attacks are possible for file download functions linked to a DB?
💡 Why you absolutely must take this course!
This lecture covers not only known attack techniques, but also techniques that we discovered through our own research rather than well-known attack techniques. This attack technique presents a new direction for Blind-Based SQL Injection attacks !
The lecture also covers how this attack technique can be used to query data faster and more effectively than previously known attack techniques!
So... practitioners must definitely take this course, right!?
📖 Provides PHP-based practice bulletin boards for each DBMS!
We provide a practice bulletin board based on PHP-MYSQL, PHP-MSSQL, and PHP-ORACLE, through which you can practice SQL Injection for various DBMS.
🙋🏻♂️ Questions Q&A
Q. Can I understand Part (2) lecture if I haven't taken Part (1) lecture?
A. I highly recommend that you take the Part (1) lecture. I also recommend that you take this lecture after you have a sufficient understanding of SQL Injection attacks. If you have not taken Part (1) but have sufficient knowledge of SQL Injection attacks, there will be no major problems in taking Part (2), but there may be terms used or content that you are not familiar with, so I recommend that you take Part (1) if possible.
Q. Is this an attack technique that can be applied directly in practice?
A. Yes, of course! It can be applied immediately and attacks can be made more efficiently than existing technologies.
Q. Is there any information about countermeasures?
A. No, there isn't. For the countermeasures, please refer to the Part (1) lecture.
💡 Must-see lectures
Basic SQL Grammar for Successful SQL Injection Attacks
Basic Steps to Learn SQL Injection Attacks
Basic Steps to Learn SQL Injection Attacks
SQL Injection Attack Techniques and Secure Coding: PART 1
SQL Injection Core Lecture! The Basics and Principles of Attacks!
SQL Injection Core Lecture! The Basics and Principles of Attacks!
※ Nanum font provided by Naver is used in this training PPT.
Recommended for
these people
Who is this course right for?
Someone who has basic knowledge of SQL Injection
Anyone who is confident about SQL Injection attacks
For those who want to know more about SQL Injection attacks
Anyone who wants to make SQL Injection attacks faster
Need to know before starting?
SQL Basic Grammar
SQL Injection Basic Knowledge
Understanding SQL Injection Attacks
26,165
Learners
1,387
Reviews
502
Answers
4.9
Rating
18
Courses
안녕하세요, 크리핵티브입니다.
다년간 다양한 웹 서비스를 진단하고 연구한 경험을 바탕으로, 실무에 바로 적용 가능한 지식을 인프런 플랫폼에서 공유해오고 있습니다.
그리고 웹 해킹 기초를 체계적으로 다룬 『크리핵티브의 한 권으로 끝내는 웹 해킹 바이블』을 집필했습니다. 기초가 부족한 분들께는 이 책으로 학습을 시작하실 것을 권합니다.
『크리핵티브의 한 권으로 끝내는 웹 해킹 바이블』 저자
이메일 : crehacktive3@naver.com
Curriculum
All
85 lectures ∙ (14hr 43min)
Course Materials:
Lecture resources
Published:
Last updated:
Reviews
All
24 reviews
4.9
24 reviews
정두화Reviews 4
∙
Average Rating 5.0
- 고영훈
Reviews 1
∙
Average Rating 5.0
- qwerty
Reviews 17
∙
Average Rating 4.8
- sim_sw
Reviews 4
∙
Average Rating 5.0
- Hong David
Reviews 1
∙
Average Rating 3.0
$127.60
crehacktive's other courses
Check out other courses by the instructor!
![파일 업로드 취약점 고급 공격 기법 PART2 [통합편]강의 썸네일](https://cdn.inflearn.com/public/courses/333012/cover/12bd40e1-1e17-493a-81b9-64ac5fed558e/333012.png?f=avif&w=420)
Similar courses
Explore other courses in the same field!
