Chapter 4: Attacking Web, Mobile, and IoT Applications

Here we are at the fun part of our journey—the core of the practical section of this book. So far, we have looked at both the basics and the mechanics of SQL injection, including a glimpse of what a successful SQL injection attack can do. We also provided a safe and controlled environment that anyone can experience, at their own pace, of what a SQL injection attack consists of.

In this chapter, we will deal with SQL injection attacks against traditional web applications, which is the most common scenario, using both manual and automated techniques, relying on the toolset that we discussed in the previous chapter.

This chapter is split into the following sections:

Attacking traditional ...

Get SQL Injection Strategies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

SQL Injection Strategies by Ettore Galluccio, Edoardo Caselli, Gabriele Lombari

Chapter 4: Attacking Web, Mobile, and IoT Applications

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly