Initial Access with sqlmap

Focused View

Casey Dunham

23:40

90 View

Exercise Files

initial-access-sqlmap.zip

Module 1 - Course Overview

1. Tool Introduction.mp4

01:34

Module 2 - Exploiting SQL Injections with sqlmap

1. Introduction.mp4

04:25

2. Using the Vulnerable Application.mp4

02:44

3. Exploiting a SQL Injection.mp4

03:50

4. Exfiltrating Data.mp4

02:03

5. Adjusting Level and Risk Parameters.mp4

04:53

6. Gaining Initial Access.mp4

02:33

Module 3 - Resources

1. Initial Access with sqlmap Resources.mp4

01:38

Description

sqlmap is a powerful automation tool for identifying and exploiting SQL injection flaws. Add another tool to your toolbox by using sqlmap to exfiltrate data and gain initial access.

What You'll Learn?

SQL injection flaws are one of the most critical application vulnerabilities. They can affect any application that uses a database, and a single flaw can lead to data loss or even server compromise. In this course, Initial Access with sqlmap, you'll learn how to use this powerful tool to identify and exploit a variety of SQL injection flaws in a red team environment. First, you'll discover how to setup sqlmap's command line and test authenticated web pages. Next, you'll use sqlmap's built-in enumeration tools to exfiltrate user data. Then, you'll delve into tuning sqlmap's parameters when crawling applications. Finally, you'll exploit a SQL injection to gain initial system access. When you're finished with this course, you'll have the skills and knowledge of sqlmap needed to streamline the process of finding and exploiting SQL injection flaws.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

SQL

Penetration Testing

Information Security

Casey Dunham

Instructor's Courses

Casey Dunham is an independent security researcher and consultant specializing in application security. His passion for software development began at the impressionable age of 8, when he taught himself Atari Basic - setting the stage for his career ever since. After being exposed to the 2600 community in middle-school and later on attending DEF CON for the first time, Casey switched from building to breaking software. Currently, his primary focus is helping clients build resilient and secure applications across a variety of industries. Casey is passionate about education and routinely delivers specialized training for clients. Outside of technology, Casey spends time working on a Philosophy degree, table-top gaming, and world travel.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.