What is SQL injection? - Web Security Academy

День тому

SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. Learn more from the Web Security Academy, by PortSwigger.
Read the full guide: portswigger.net/web-security/...
SQL injection cheat sheet: portswigger.net/web-security/...
Register for free with the Web Security Academy to test yourself in our interactive labs: portswigger.net/web-security

КОМЕНТАРІ: 72

@bytesunlimitedsecuritytips9095 2 роки тому

Very great video! Thank you! My only complaint is that there was a lot of content mentioned here that could have been slowed down and further explained or better analyzed. Other than that, I will have to watch a few more times to fully grasp it.

@trentashore1059 3 роки тому

Your a legend I couldnt understand wtf 1=1 bs was, but the way you broke it up and showed what was being altered or affected made it sooo easy to understand, big thanks to yall

@mrrairai 9 місяців тому

This video is amazing! I'm so happy I found it. It makes things make so much more sense now. Thank you.

@dustinhxc Рік тому

Thank you for the academy videos!

@nandhaKumar-nr8yv 3 роки тому

Really useful! its ultra level. i am very much attracted to the way of teaching by a wonderful instructor. i looking for more videos. You are doing a great job

@pardeepbhardwaj4251 3 роки тому

Do any practical of sql injection ... create video for practising of sql

@paulojr1384 Рік тому

awesome content PortSwigger tnx

@Mohamed-xe7ui Рік тому

so great, PLz make more videos for other web academy topics

@mothish. 3 роки тому

Make more burb suite academy tutorials please

@headshotcaptain8389 2 роки тому

Awesome content!

@sumanaswal6557 3 роки тому

thanks for the info you look like joey king

@dhayes5151 Рік тому

Very well put together. Audio could be better quality however. Thanks!

@PrakashKumar-se1qk 2 роки тому

Prevention part is good and not spoked in many blogs and videos

@gonzalo635 2 роки тому

NetSec is amazing.

@pronoydutt8361 3 роки тому

How did you say username: weiner and password: blue cheese with a completely straight face

@b8akaratn 7 місяців тому

Thank you

@dranonymous1547 3 роки тому

very good

@Umar0x01 2 роки тому

02:43 barely held the laugh, hahaha.

@aaronwhite1786 2 місяці тому

I feel like this was actually how they eliminated people at PortSwigger who wanted to host the video. If you couldn't get through that portion of the script without breaking you didn't get the do the video.

@togrow6578 3 роки тому

amazing

@AnthonyMcqueen1987 3 роки тому

I have been having so much bad-luck searching for XSS i am thinking of focusing on SQL Injection because its only the database we need to worry about and if valid could bring some major $$$.

@gkmusicnocopyrightsongs7307 2 роки тому

Send your contact number sir I want your help

@AnthonyMcqueen1987 2 роки тому

@@gkmusicnocopyrightsongs7307 nope

@gkmusicnocopyrightsongs7307 2 роки тому

Sir plz help me

@AnthonyMcqueen1987 2 роки тому

@@gkmusicnocopyrightsongs7307 whats the problem ?

@gkmusicnocopyrightsongs7307 2 роки тому

My family was poor I want your help plz help in haking tricks

@XaraTVOfficial Рік тому

2:43 I wish you had used a form that has Username and Password instead of Email Address and Password to avoid confusion.

@Tekionemission 2 роки тому

Great video, thanks for posting it. Curious, does anyone know what the + is for, i.e.: '+OR+1=1--

@MrHT1993 Рік тому

The '+' sign represent concatenation in a URL. If you perform the labs, you will understand.

@Fahodinho Рік тому

+ is a space ' ' URL encoded

@stumbras2000 9 місяців тому

What should you study in order to understand concepts in this video seems like this is not beginner level...

@amol5436 2 роки тому

@3.10 did they miss a single quote after -- ?

@cybercog Рік тому

no, the single quote is purposefully used to 'break' the SQL formatter and inject your code

@d.j.s.3180 3 роки тому

Девчуля я влюбился

@opurbovai3414 Рік тому

I WANT TO WORK WITH YOU

@joojordy5855 11 місяців тому

nice

@pardeepbhardwaj4251 3 роки тому

👍

@philopateermoheb7162 8 місяців тому

البت اللي في الفيديو حلوة

@kiwinesss 3 роки тому

She talks very very fast, so I had to watch it twice. But thank you for the information.

@sumanaswal6557 3 роки тому

or you could have slowed it down from the option manu

@kiwinesss 3 роки тому

@@sumanaswal6557 na I hate doing that, it makes everyone sound like a robot.

@inyodream642 3 роки тому

@@kiwinesss wtf lol

@aesthetic_diabetics 3 роки тому

ya'll really just gonna drop wiener and blue cheese with a straight face... sheeeeeesh

@mohamedreddad2684 2 роки тому

Well, can anyone mention her name or her instagram 🌝

@APTsec 7 місяців тому

her name please... i feel in love :)

@anoopmv7 2 роки тому

Excellent presentation by a beautiful girl..

@darrensylvain8868 2 роки тому

Hopefully youtube doesn't demonetize you for suggesting sql injections exist

@albertomertinez1710 Рік тому

Do you understand sql injection ... Lots of videos💋💕💕 seems confusing .

@ansh4360 2 роки тому

@movietrailerpark Рік тому

Understoood nothing

@atikrangnekar3337 2 роки тому

Dekh kr bol rhi hai

@randymoazha4440 2 роки тому

just want to say, that women is really beautiful.

@MrDubs Рік тому

After watching this video and reading your comment, I commuted to a local sporting goods store and purchased the most powerful pair of binoculars they had available. I then proceeded to traverse the highest mountain in a 200 mile radius of my location five minutes after noon. The day was clear, weather warm, I had visibility for miles in all 360 degrees. But to my dismay, I still couldn't see who asked.

@ffgrass4132 Рік тому

@@MrDubs ahahhaha