SlideShare a Scribd company logo

Sql injection in cybersecurity

Download as PPTX, PDF
Sanad Bhowmik
Sanad Bhowmik

SQL injection is a code injection technique that attacks data-driven applications. It involves inserting malicious SQL statements into entry fields that are then executed by the database. There are different types of SQL injection attacks, including directly injecting code to immediately execute or injecting into persistent storage to be triggered later. Injection can occur through user input, cookies, or server variables. Prevention techniques aim to stop these types of attacks from harming databases.

Engineering
1 of 12
SQL injection in Cybersecurity
AGENDA What is SQL? What is SQL injection? SQL injection Attack type? Prevention of SQL Injection Attack
What is SQL? SQL is a domain-specific language used in programming and designed for managing data held in a relational database management system, or for stream processing in a relational data stream management system.
What is SQL injection? SQL injection is a code injection technique used to attack data- driven applications, in which malicious SQL statements are inserted into an entry field for execution.
Example
Types of sql attacks The attacker can simply enter a malicious stirring and cause the modified code to be executed immediately. The attacker injects into persistent storage which is deemed as a trusted source. An attack is subsequently executed by another activity. The attacker can manipulate the implicit function to Char() by changing the values of the environment.
Injection Mechanism Injection through User input Injection through cookies Injection through server variable Second-order injection. }First-Order injection
Second-Order injection  The application stores that input for future use & responds to the request.  The attacker submit a second request.  To handle the second request, the application retrieves the stored input & processes it, causing the attacker’s injected SQL query to execute.
Inference  Inject commands into the site and then observe how the function/response of the website changes.  Blind injection  Timing attacks
Blind SQL Blind SQL (Structured Query Language) injection is a type of SQL Injection attack that asks the database true or false questions and determines the answer based on the applications response
Timing Attack A timing attack is a security exploit that allows an attacker to discover vulnerabilities in the security of a computer or network system by studying how long it takes the system to respond to different inputs.
Thank you

Recommended

SQL Injections - A Powerpoint Presentation
SQL Injections - A Powerpoint PresentationSQL Injections - A Powerpoint Presentation
SQL Injections - A Powerpoint PresentationRapid Purple
 
Sql injections - with example
Sql injections - with exampleSql injections - with example
Sql injections - with examplePrateek Chauhan
 
Sql Injection - Vulnerability and Security
Sql Injection - Vulnerability and SecuritySql Injection - Vulnerability and Security
Sql Injection - Vulnerability and SecuritySandip Chaudhari
 
How to identify and prevent SQL injection
How to identify and prevent SQL injection How to identify and prevent SQL injection
How to identify and prevent SQL injection Eguardian Global Services
 
Sql injection
Sql injectionSql injection
Sql injectionPallavi Biswas
 
Whatis SQL Injection.pptx
Whatis SQL Injection.pptxWhatis SQL Injection.pptx
Whatis SQL Injection.pptxSimplilearn
 
Sql injection attack
Sql injection attackSql injection attack
Sql injection attackRaghav Bisht
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTIONAnoop T
 

Recommended

SQL Injections - A Powerpoint Presentation
SQL Injections - A Powerpoint PresentationSQL Injections - A Powerpoint Presentation
SQL Injections - A Powerpoint PresentationRapid Purple
 
Sql injections - with example
Sql injections - with exampleSql injections - with example
Sql injections - with examplePrateek Chauhan
 
Sql Injection - Vulnerability and Security
Sql Injection - Vulnerability and SecuritySql Injection - Vulnerability and Security
Sql Injection - Vulnerability and SecuritySandip Chaudhari
 
How to identify and prevent SQL injection
How to identify and prevent SQL injection How to identify and prevent SQL injection
How to identify and prevent SQL injection Eguardian Global Services
 
Sql injection
Sql injectionSql injection
Sql injectionPallavi Biswas
 
Whatis SQL Injection.pptx
Whatis SQL Injection.pptxWhatis SQL Injection.pptx
Whatis SQL Injection.pptxSimplilearn
 
Sql injection attack
Sql injection attackSql injection attack
Sql injection attackRaghav Bisht
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTIONAnoop T
 
Sql injection
Sql injectionSql injection
Sql injectionZidh
 
Sql injection attack
Sql injection attackSql injection attack
Sql injection attackRajKumar Rampelli
 
Sql injection
Sql injectionSql injection
Sql injectionNuruzzaman Milon
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTIONMentorcs
 
Sql Injection attacks and prevention
Sql Injection attacks and preventionSql Injection attacks and prevention
Sql Injection attacks and preventionhelloanand
 
A Brief Introduction in SQL Injection
A Brief Introduction in SQL InjectionA Brief Introduction in SQL Injection
A Brief Introduction in SQL InjectionSina Manavi
 
Understanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryUnderstanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryDaniel Miessler
 
Sql injection
Sql injectionSql injection
Sql injectionNikunj Dhameliya
 
Sql injection - security testing
Sql injection - security testingSql injection - security testing
Sql injection - security testingNapendra Singh
 
SQL injection
SQL injectionSQL injection
SQL injectionRaj Parmar
 
Sql injection
Sql injectionSql injection
Sql injectionNitish Kumar
 
Owasp top 10 vulnerabilities
Owasp top 10 vulnerabilitiesOwasp top 10 vulnerabilities
Owasp top 10 vulnerabilitiesOWASP Delhi
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingAnurag Srivastava
 
Ppt on sql injection
Ppt on sql injectionPpt on sql injection
Ppt on sql injectionashish20012
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Amit Tyagi
 
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...Edureka!
 
SQL Injection
SQL Injection SQL Injection
SQL Injection Adhoura Academy
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applicationsNiyas Nazar
 
SQL injection prevention techniques
SQL injection prevention techniquesSQL injection prevention techniques
SQL injection prevention techniquesSongchaiDuangpan
 
Sql injection
Sql injectionSql injection
Sql injectionSasha-Leigh Garret
 
Sql injection
Sql injectionSql injection
Sql injectionManjushree Mashal
 
Sql
SqlSql
SqlIJASCSE
 

More Related Content

What's hot

Sql injection
Sql injectionSql injection
Sql injectionZidh
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTIONMentorcs
 
Sql Injection attacks and prevention
Sql Injection attacks and preventionSql Injection attacks and prevention
Sql Injection attacks and preventionhelloanand
 
A Brief Introduction in SQL Injection
A Brief Introduction in SQL InjectionA Brief Introduction in SQL Injection
A Brief Introduction in SQL InjectionSina Manavi
 
Understanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryUnderstanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryDaniel Miessler
 
Sql injection - security testing
Sql injection - security testingSql injection - security testing
Sql injection - security testingNapendra Singh
 
Owasp top 10 vulnerabilities
Owasp top 10 vulnerabilitiesOwasp top 10 vulnerabilities
Owasp top 10 vulnerabilitiesOWASP Delhi
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingAnurag Srivastava
 
Ppt on sql injection
Ppt on sql injectionPpt on sql injection
Ppt on sql injectionashish20012
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Amit Tyagi
 
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...Edureka!
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applicationsNiyas Nazar
 
SQL injection prevention techniques
SQL injection prevention techniquesSQL injection prevention techniques
SQL injection prevention techniquesSongchaiDuangpan
 

What's hot (20)

Sql injection
Sql injectionSql injection
Sql injection
 
Sql injection attack
Sql injection attackSql injection attack
Sql injection attack
 
Sql injection
Sql injectionSql injection
Sql injection
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTION
 
Sql Injection attacks and prevention
Sql Injection attacks and preventionSql Injection attacks and prevention
Sql Injection attacks and prevention
 
A Brief Introduction in SQL Injection
A Brief Introduction in SQL InjectionA Brief Introduction in SQL Injection
A Brief Introduction in SQL Injection
 
Understanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryUnderstanding Cross-site Request Forgery
Understanding Cross-site Request Forgery
 
Sql injection
Sql injectionSql injection
Sql injection
 
Sql injection - security testing
Sql injection - security testingSql injection - security testing
Sql injection - security testing
 
SQL injection
SQL injectionSQL injection
SQL injection
 
Sql injection
Sql injectionSql injection
Sql injection
 
Owasp top 10 vulnerabilities
Owasp top 10 vulnerabilitiesOwasp top 10 vulnerabilities
Owasp top 10 vulnerabilities
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration Testing
 
Ppt on sql injection
Ppt on sql injectionPpt on sql injection
Ppt on sql injection
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)
 
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
 
SQL Injection
SQL Injection SQL Injection
SQL Injection
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applications
 
SQL injection prevention techniques
SQL injection prevention techniquesSQL injection prevention techniques
SQL injection prevention techniques
 
Sql injection
Sql injectionSql injection
Sql injection
 

Similar to Sql injection in cybersecurity

SQL Injection Attack Detection and Prevention Techniques to Secure Web-Site
SQL Injection Attack Detection and Prevention Techniques to Secure Web-SiteSQL Injection Attack Detection and Prevention Techniques to Secure Web-Site
SQL Injection Attack Detection and Prevention Techniques to Secure Web-Siteijtsrd
 
IRJET- Detection of SQL Injection using Machine Learning : A Survey
IRJET- Detection of SQL Injection using Machine Learning : A SurveyIRJET- Detection of SQL Injection using Machine Learning : A Survey
IRJET- Detection of SQL Injection using Machine Learning : A SurveyIRJET Journal
 
SQL Injection Prevention by Adaptive Algorithm
SQL Injection Prevention by Adaptive AlgorithmSQL Injection Prevention by Adaptive Algorithm
SQL Injection Prevention by Adaptive AlgorithmIOSR Journals
 
Lessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackLessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackImperva
 
IRJET- An Efficient Technique for Finding SQL Injection using Reverse Proxy S...
IRJET- An Efficient Technique for Finding SQL Injection using Reverse Proxy S...IRJET- An Efficient Technique for Finding SQL Injection using Reverse Proxy S...
IRJET- An Efficient Technique for Finding SQL Injection using Reverse Proxy S...IRJET Journal
 
IRJET - SQL Injection: Attack & Mitigation
IRJET - SQL Injection: Attack & MitigationIRJET - SQL Injection: Attack & Mitigation
IRJET - SQL Injection: Attack & MitigationIRJET Journal
 
Sql injection bypassing hand book blackrose
Sql injection bypassing hand book blackroseSql injection bypassing hand book blackrose
Sql injection bypassing hand book blackroseNoaman Aziz
 
Devoid Web Application From SQL Injection Attack
Devoid Web Application From SQL Injection AttackDevoid Web Application From SQL Injection Attack
Devoid Web Application From SQL Injection AttackIJRESJOURNAL
 
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptx
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptxcgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptx
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptxprasadGade6
 
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSEWEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSEAjith Kp
 
Prevention of SQL injection in E- Commerce
Prevention of SQL injection in E- CommercePrevention of SQL injection in E- Commerce
Prevention of SQL injection in E- Commerceijceronline
 
SQL Injection: Unraveling the Threats
SQL Injection: Unraveling the ThreatsSQL Injection: Unraveling the Threats
SQL Injection: Unraveling the ThreatsInsecureLab
 

Similar to Sql injection in cybersecurity (20)

Sql injection
Sql injectionSql injection
Sql injection
 
Sql
SqlSql
Sql
 
SQL Injection Attack Detection and Prevention Techniques to Secure Web-Site
SQL Injection Attack Detection and Prevention Techniques to Secure Web-SiteSQL Injection Attack Detection and Prevention Techniques to Secure Web-Site
SQL Injection Attack Detection and Prevention Techniques to Secure Web-Site
 
IRJET- Detection of SQL Injection using Machine Learning : A Survey
IRJET- Detection of SQL Injection using Machine Learning : A SurveyIRJET- Detection of SQL Injection using Machine Learning : A Survey
IRJET- Detection of SQL Injection using Machine Learning : A Survey
 
Op2423922398
Op2423922398Op2423922398
Op2423922398
 
E017131924
E017131924E017131924
E017131924
 
SQL Injection Prevention by Adaptive Algorithm
SQL Injection Prevention by Adaptive AlgorithmSQL Injection Prevention by Adaptive Algorithm
SQL Injection Prevention by Adaptive Algorithm
 
Ijcatr04041018
Ijcatr04041018Ijcatr04041018
Ijcatr04041018
 
Injection attacks
Injection attacksInjection attacks
Injection attacks
 
Lessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackLessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! Hack
 
IRJET- An Efficient Technique for Finding SQL Injection using Reverse Proxy S...
IRJET- An Efficient Technique for Finding SQL Injection using Reverse Proxy S...IRJET- An Efficient Technique for Finding SQL Injection using Reverse Proxy S...
IRJET- An Efficient Technique for Finding SQL Injection using Reverse Proxy S...
 
IRJET - SQL Injection: Attack & Mitigation
IRJET - SQL Injection: Attack & MitigationIRJET - SQL Injection: Attack & Mitigation
IRJET - SQL Injection: Attack & Mitigation
 
Sql injection
Sql injectionSql injection
Sql injection
 
Sql injection bypassing hand book blackrose
Sql injection bypassing hand book blackroseSql injection bypassing hand book blackrose
Sql injection bypassing hand book blackrose
 
Devoid Web Application From SQL Injection Attack
Devoid Web Application From SQL Injection AttackDevoid Web Application From SQL Injection Attack
Devoid Web Application From SQL Injection Attack
 
SQL Injection
SQL InjectionSQL Injection
SQL Injection
 
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptx
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptxcgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptx
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptx
 
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSEWEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
 
Prevention of SQL injection in E- Commerce
Prevention of SQL injection in E- CommercePrevention of SQL injection in E- Commerce
Prevention of SQL injection in E- Commerce
 
SQL Injection: Unraveling the Threats
SQL Injection: Unraveling the ThreatsSQL Injection: Unraveling the Threats
SQL Injection: Unraveling the Threats
 

More from Sanad Bhowmik

Time Management.pptx
Time Management.pptxTime Management.pptx
Time Management.pptxSanad Bhowmik
 
Learning outcomes of system analysis and design and.pptx
Learning outcomes of system analysis and design and.pptxLearning outcomes of system analysis and design and.pptx
Learning outcomes of system analysis and design and.pptxSanad Bhowmik
 
Importance of Numerical Methods in CSE.pptx
Importance of Numerical Methods in CSE.pptxImportance of Numerical Methods in CSE.pptx
Importance of Numerical Methods in CSE.pptxSanad Bhowmik
 
Round Robin Algorithm.pptx
Round Robin Algorithm.pptxRound Robin Algorithm.pptx
Round Robin Algorithm.pptxSanad Bhowmik
 
Python Dictionary.pptx
Python Dictionary.pptxPython Dictionary.pptx
Python Dictionary.pptxSanad Bhowmik
 
Potato Disease Recognition.pptx
Potato Disease Recognition.pptxPotato Disease Recognition.pptx
Potato Disease Recognition.pptxSanad Bhowmik
 
Web Development.pptx
Web Development.pptxWeb Development.pptx
Web Development.pptxSanad Bhowmik
 
Impact and Solutions of unemployment in the present of Bangladesh
Impact and Solutions of unemployment in the present of BangladeshImpact and Solutions of unemployment in the present of Bangladesh
Impact and Solutions of unemployment in the present of BangladeshSanad Bhowmik
 
Fake News detection.pptx
Fake News detection.pptxFake News detection.pptx
Fake News detection.pptxSanad Bhowmik
 
Real life application of discrete math
Real life application of discrete mathReal life application of discrete math
Real life application of discrete mathSanad Bhowmik
 

More from Sanad Bhowmik (17)

Time Management.pptx
Time Management.pptxTime Management.pptx
Time Management.pptx
 
Set.pptx
Set.pptxSet.pptx
Set.pptx
 
Learning outcomes of system analysis and design and.pptx
Learning outcomes of system analysis and design and.pptxLearning outcomes of system analysis and design and.pptx
Learning outcomes of system analysis and design and.pptx
 
Importance of Numerical Methods in CSE.pptx
Importance of Numerical Methods in CSE.pptxImportance of Numerical Methods in CSE.pptx
Importance of Numerical Methods in CSE.pptx
 
Round Robin Algorithm.pptx
Round Robin Algorithm.pptxRound Robin Algorithm.pptx
Round Robin Algorithm.pptx
 
Python Dictionary.pptx
Python Dictionary.pptxPython Dictionary.pptx
Python Dictionary.pptx
 
Potato Disease Recognition.pptx
Potato Disease Recognition.pptxPotato Disease Recognition.pptx
Potato Disease Recognition.pptx
 
Web Development.pptx
Web Development.pptxWeb Development.pptx
Web Development.pptx
 
Impact and Solutions of unemployment in the present of Bangladesh
Impact and Solutions of unemployment in the present of BangladeshImpact and Solutions of unemployment in the present of Bangladesh
Impact and Solutions of unemployment in the present of Bangladesh
 
Fake News detection.pptx
Fake News detection.pptxFake News detection.pptx
Fake News detection.pptx
 
Bandwidth
BandwidthBandwidth
Bandwidth
 
Real life application of discrete math
Real life application of discrete mathReal life application of discrete math
Real life application of discrete math
 
Act
ActAct
Act
 
Bin packing
Bin packingBin packing
Bin packing
 
Encapsulation
EncapsulationEncapsulation
Encapsulation
 
Covid 19
Covid 19Covid 19
Covid 19
 
Ai 8 puzzle problem
Ai 8 puzzle problemAi 8 puzzle problem
Ai 8 puzzle problem
 

Recently uploaded

APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAbhinavSharma374939
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )Tsuyoshi Horigome
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Suman Mia
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations120cr0395
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSCAESB
 
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptxthe ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptxhumanexperienceaaa
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130Suhani Kapoor
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningchaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningmisbanausheenparvam
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 

Recently uploaded (20)

★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog Converter
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentation
 
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptxthe ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
the ladakh protest in leh ladakh 2024 sonam wangchuk.pptx
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningchaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learning
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 

Sql injection in cybersecurity

  • 1. SQL injection in Cybersecurity
  • 2. AGENDA What is SQL? What is SQL injection? SQL injection Attack type? Prevention of SQL Injection Attack
  • 3. What is SQL? SQL is a domain-specific language used in programming and designed for managing data held in a relational database management system, or for stream processing in a relational data stream management system.
  • 4. What is SQL injection? SQL injection is a code injection technique used to attack data- driven applications, in which malicious SQL statements are inserted into an entry field for execution.
  • 6. Types of sql attacks The attacker can simply enter a malicious stirring and cause the modified code to be executed immediately. The attacker injects into persistent storage which is deemed as a trusted source. An attack is subsequently executed by another activity. The attacker can manipulate the implicit function to Char() by changing the values of the environment.
  • 7. Injection Mechanism Injection through User input Injection through cookies Injection through server variable Second-order injection. }First-Order injection
  • 8. Second-Order injection  The application stores that input for future use & responds to the request.  The attacker submit a second request.  To handle the second request, the application retrieves the stored input & processes it, causing the attacker’s injected SQL query to execute.
  • 9. Inference  Inject commands into the site and then observe how the function/response of the website changes.  Blind injection  Timing attacks
  • 10. Blind SQL Blind SQL (Structured Query Language) injection is a type of SQL Injection attack that asks the database true or false questions and determines the answer based on the applications response
  • 11. Timing Attack A timing attack is a security exploit that allows an attacker to discover vulnerabilities in the security of a computer or network system by studying how long it takes the system to respond to different inputs.