Technical requirementsExploitable SQL commands and syntaxSQL injection-enabling charactersSQL statement constructionCommon SQL injection commands and manipulationInformation gathering and schema extraction – UNION queriesDumping the databaseEscalating privileges and gaining accessBlind SQL injectionNot only SQL injection – non-relational repositoriesThe injection vulnerability in non-relational repositoriesWrapping up – (No-)SQL injection in theorySummaryQuestions