Sanad Bhowmik, profile picture
Uploaded bySanad Bhowmik
PPTX, PDF2,793 views

Sql injection in cybersecurity

SQL injection is a code injection technique that attacks data-driven applications. It involves inserting malicious SQL statements into entry fields that are then executed by the database. There are different types of SQL injection attacks, including directly injecting code to immediately execute or injecting into persistent storage to be triggered later. Injection can occur through user input, cookies, or server variables. Prevention techniques aim to stop these types of attacks from harming databases.

Embed presentation

Downloaded 20 times
SQL injection in Cybersecurity
AGENDA What is SQL? What is SQL injection? SQL injection Attack type? Prevention of SQL Injection Attack
What is SQL? SQL is a domain-specific language used in programming and designed for managing data held in a relational database management system, or for stream processing in a relational data stream management system.
What is SQL injection? SQL injection is a code injection technique used to attack data- driven applications, in which malicious SQL statements are inserted into an entry field for execution.
Example
Types of sql attacks The attacker can simply enter a malicious stirring and cause the modified code to be executed immediately. The attacker injects into persistent storage which is deemed as a trusted source. An attack is subsequently executed by another activity. The attacker can manipulate the implicit function to Char() by changing the values of the environment.
Injection Mechanism Injection through User input Injection through cookies Injection through server variable Second-order injection. }First-Order injection
Second-Order injection  The application stores that input for future use & responds to the request.  The attacker submit a second request.  To handle the second request, the application retrieves the stored input & processes it, causing the attacker’s injected SQL query to execute.
Inference  Inject commands into the site and then observe how the function/response of the website changes.  Blind injection  Timing attacks
Blind SQL Blind SQL (Structured Query Language) injection is a type of SQL Injection attack that asks the database true or false questions and determines the answer based on the applications response
Timing Attack A timing attack is a security exploit that allows an attacker to discover vulnerabilities in the security of a computer or network system by studying how long it takes the system to respond to different inputs.
Thank you

More Related Content

PPTX
Whatis SQL Injection.pptx
bySimplilearn
 
PPT
Sql injection
byPallavi Biswas
 
PPTX
Sql injection
byZidh
 
PPTX
SQL Injections - A Powerpoint Presentation
byRapid Purple
 
PDF
Sql Injection - Vulnerability and Security
bySandip Chaudhari
 
PPT
SQL Injection
byAdhoura Academy
 
PPTX
Sql injections - with example
byPrateek Chauhan
 
PPTX
Ppt on sql injection
byashish20012
 
Whatis SQL Injection.pptx
bySimplilearn
 
Sql injection
byPallavi Biswas
 
Sql injection
byZidh
 
SQL Injections - A Powerpoint Presentation
byRapid Purple
 
Sql Injection - Vulnerability and Security
bySandip Chaudhari
 
SQL Injection
byAdhoura Academy
 
Sql injections - with example
byPrateek Chauhan
 
Ppt on sql injection
byashish20012
 

What's hot

PPTX
SQL INJECTION
byAnoop T
 
PPTX
Introduction to penetration testing
byNezar Alazzabi
 
PDF
OWASP Top 10 Web Application Vulnerabilities
bySoftware Guru
 
PPT
Arp spoofing
byLuthfi Widyanto
 
PPTX
OWASP Top 10 2021 What's New
byMichael Furman
 
PPTX
Vulnerabilities in modern web applications
byNiyas Nazar
 
PPTX
Xss ppt
bypenetration Tester
 
PDF
Cybersecurity - Mobile Application Security
byEryk Budi Pratama
 
PPTX
SQL injection
byRaj Parmar
 
PPTX
Xss attack
byManjushree Mashal
 
PDF
How to identify and prevent SQL injection
byEguardian Global Services
 
PPTX
SQL INJECTION
byMentorcs
 
PPT
Sql injection
byNitish Kumar
 
PPTX
Sql injection
byNuruzzaman Milon
 
PPTX
SQL Injection
byAsish Kumar Rath
 
PPT
Introduction to Web Application Penetration Testing
byAnurag Srivastava
 
PPT
Web Hacking
byInformation Technology
 
PPT
Sql injection attack
byRajKumar Rampelli
 
PPTX
Advanced persistent threat (apt)
bymmubashirkhan
 
PPTX
Sql injection - security testing
byNapendra Singh
 
SQL INJECTION
byAnoop T
 
Introduction to penetration testing
byNezar Alazzabi
 
OWASP Top 10 Web Application Vulnerabilities
bySoftware Guru
 
Arp spoofing
byLuthfi Widyanto
 
OWASP Top 10 2021 What's New
byMichael Furman
 
Vulnerabilities in modern web applications
byNiyas Nazar
 
Xss ppt
bypenetration Tester
 
Cybersecurity - Mobile Application Security
byEryk Budi Pratama
 
SQL injection
byRaj Parmar
 
Xss attack
byManjushree Mashal
 
How to identify and prevent SQL injection
byEguardian Global Services
 
SQL INJECTION
byMentorcs
 
Sql injection
byNitish Kumar
 
Sql injection
byNuruzzaman Milon
 
SQL Injection
byAsish Kumar Rath
 
Introduction to Web Application Penetration Testing
byAnurag Srivastava
 
Web Hacking
byInformation Technology
 
Sql injection attack
byRajKumar Rampelli
 
Advanced persistent threat (apt)
bymmubashirkhan
 
Sql injection - security testing
byNapendra Singh
 

Similar to Sql injection in cybersecurity

PPTX
Sql injection
byManjushree Mashal
 
PPTX
Sql Injection
bypenetration Tester
 
PDF
Sql injection bypassing hand book blackrose
byNoaman Aziz
 
PPTX
SQL Injection attack
byRayudu Babu
 
PPTX
SQL Injection Introduction and Prevention
byMohammed Fazuluddin
 
PPTX
Sql injection
byThe Avi Sharma
 
PDF
IRJET- Detection of SQL Injection using Machine Learning : A Survey
byIRJET Journal
 
PPTX
Sql injection
bySuraj Tiwari
 
PPTX
SQL Injection.jpg.pptx
bydawitTerefe5
 
PPTX
SQL Injection: Unraveling the Threats
byInsecureLab
 
PPTX
SQL injection implementation and prevention
byRejaul Islam Royel
 
DOCX
Understanding SQL Injection_ A Guide to Website Security.docx
byOscp Training
 
PDF
Chapter 5 - SQL-Injection-NK.pdf
byWaad Waad
 
PPTX
SQL INJECTIONS.pptx
byJayeshYadav53
 
PPTX
Sql injection
byChanchal Rajguru
 
PPTX
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptx
byprasadGade6
 
PPTX
Sql injections
byKK004
 
PPTX
cybersecurity and sql injection for students
byVeenaShree20
 
PDF
Owasp Backend Security Project 1.0beta
bySecurity Date
 
PDF
7 ayushpandey
byAyush Pandey
 
Sql injection
byManjushree Mashal
 
Sql Injection
bypenetration Tester
 
Sql injection bypassing hand book blackrose
byNoaman Aziz
 
SQL Injection attack
byRayudu Babu
 
SQL Injection Introduction and Prevention
byMohammed Fazuluddin
 
Sql injection
byThe Avi Sharma
 
IRJET- Detection of SQL Injection using Machine Learning : A Survey
byIRJET Journal
 
Sql injection
bySuraj Tiwari
 
SQL Injection.jpg.pptx
bydawitTerefe5
 
SQL Injection: Unraveling the Threats
byInsecureLab
 
SQL injection implementation and prevention
byRejaul Islam Royel
 
Understanding SQL Injection_ A Guide to Website Security.docx
byOscp Training
 
Chapter 5 - SQL-Injection-NK.pdf
byWaad Waad
 
SQL INJECTIONS.pptx
byJayeshYadav53
 
Sql injection
byChanchal Rajguru
 
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptx
byprasadGade6
 
Sql injections
byKK004
 
cybersecurity and sql injection for students
byVeenaShree20
 
Owasp Backend Security Project 1.0beta
bySecurity Date
 
7 ayushpandey
byAyush Pandey
 

More from Sanad Bhowmik

PPTX
Fake News detection.pptx
bySanad Bhowmik
 
PPTX
Python Dictionary.pptx
bySanad Bhowmik
 
PPTX
Ai 8 puzzle problem
bySanad Bhowmik
 
PPTX
Round Robin Algorithm.pptx
bySanad Bhowmik
 
PPTX
Learning outcomes of system analysis and design and.pptx
bySanad Bhowmik
 
PPTX
Impact and Solutions of unemployment in the present of Bangladesh
bySanad Bhowmik
 
PPTX
Real life application of discrete math
bySanad Bhowmik
 
PPTX
Covid 19
bySanad Bhowmik
 
PPTX
Bandwidth
bySanad Bhowmik
 
PPTX
Importance of Numerical Methods in CSE.pptx
bySanad Bhowmik
 
PPTX
Bin packing
bySanad Bhowmik
 
PPTX
Potato Disease Recognition.pptx
bySanad Bhowmik
 
PPTX
Set.pptx
bySanad Bhowmik
 
PPTX
Act
bySanad Bhowmik
 
PPTX
Encapsulation
bySanad Bhowmik
 
PPTX
Web Development.pptx
bySanad Bhowmik
 
PPTX
Time Management.pptx
bySanad Bhowmik
 
Fake News detection.pptx
bySanad Bhowmik
 
Python Dictionary.pptx
bySanad Bhowmik
 
Ai 8 puzzle problem
bySanad Bhowmik
 
Round Robin Algorithm.pptx
bySanad Bhowmik
 
Learning outcomes of system analysis and design and.pptx
bySanad Bhowmik
 
Impact and Solutions of unemployment in the present of Bangladesh
bySanad Bhowmik
 
Real life application of discrete math
bySanad Bhowmik
 
Covid 19
bySanad Bhowmik
 
Bandwidth
bySanad Bhowmik
 
Importance of Numerical Methods in CSE.pptx
bySanad Bhowmik
 
Bin packing
bySanad Bhowmik
 
Potato Disease Recognition.pptx
bySanad Bhowmik
 
Set.pptx
bySanad Bhowmik
 
Act
bySanad Bhowmik
 
Encapsulation
bySanad Bhowmik
 
Web Development.pptx
bySanad Bhowmik
 
Time Management.pptx
bySanad Bhowmik
 

Recently uploaded

PPTX
Unit II Introduction to C programming ppts
bypawarbhaktiit
 
PPTX
Design and Development of Friction Stir Welding joints of Aluminium and Coppe...
byNareshKumarSingh12
 
PPTX
Unit I – Introduction to Devops Deployment Pipeline & Design Options Deploym...
byvenkadeshr123
 
PDF
ENVIRONMENTAL ENGINEERING LABORATORY MANUAL UG Lab Manual - Dept of ESE.pdf
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
PPTX
Attack surfaces and attack tress[inform]
byErAnilKumarGupta1
 
PPTX
Hospital Management System Project- 220180107010.pptx
bypravjo279
 
PDF
lecture notes digital_design_examples.pdf
bygeekcooder2020
 
PDF
Environmental Engineering (3-0-2) Laboratory.pdf
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
PDF
Learn Linux in your Android Phone (Learn on the Go)
byNarendran Solai Sridharan
 
PDF
A wire harness (also called a wiring harness or cable harness)
byabhinandankondekar2
 
PDF
SURAJIT PARAMANIK_ME_3RD_THERMODYNAMICS.pdf
byastikparamanik1970
 
PDF
Lec1a-infinite square well-particle in a box.pdf
byb17052006bhuvanasent
 
PDF
Interaction with IIT Khatragpur for Infrastructure Development
byHARSIMRAN SINGH
 
PPT
5.1 Basic concept and hierarchy.ppt1234564
byChetansingh768231
 
PDF
Basic Laws of Introduction to Electrical Engineering
byshukiganewolfgang
 
PPTX
analog communication part one lecture note
byhirutfanta1212
 
PPTX
analog communication part two lecture note
byhirutfanta1212
 
PPTX
Why Precision Matters CO2 N2 Gas Filling Systems Neometrix
byNeometrix_Engineering_Pvt_Ltd
 
PPTX
Amperes Circuital Law and its appliocations
byKasiselvanathanMarim1
 
PPTX
Why Hydraulic Flushing Should Never Be Skipped Before Commissioning
byNeometrix_Engineering_Pvt_Ltd
 
Unit II Introduction to C programming ppts
bypawarbhaktiit
 
Design and Development of Friction Stir Welding joints of Aluminium and Coppe...
byNareshKumarSingh12
 
Unit I – Introduction to Devops Deployment Pipeline & Design Options Deploym...
byvenkadeshr123
 
ENVIRONMENTAL ENGINEERING LABORATORY MANUAL UG Lab Manual - Dept of ESE.pdf
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
Attack surfaces and attack tress[inform]
byErAnilKumarGupta1
 
Hospital Management System Project- 220180107010.pptx
bypravjo279
 
lecture notes digital_design_examples.pdf
bygeekcooder2020
 
Environmental Engineering (3-0-2) Laboratory.pdf
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
Learn Linux in your Android Phone (Learn on the Go)
byNarendran Solai Sridharan
 
A wire harness (also called a wiring harness or cable harness)
byabhinandankondekar2
 
SURAJIT PARAMANIK_ME_3RD_THERMODYNAMICS.pdf
byastikparamanik1970
 
Lec1a-infinite square well-particle in a box.pdf
byb17052006bhuvanasent
 
Interaction with IIT Khatragpur for Infrastructure Development
byHARSIMRAN SINGH
 
5.1 Basic concept and hierarchy.ppt1234564
byChetansingh768231
 
Basic Laws of Introduction to Electrical Engineering
byshukiganewolfgang
 
analog communication part one lecture note
byhirutfanta1212
 
analog communication part two lecture note
byhirutfanta1212
 
Why Precision Matters CO2 N2 Gas Filling Systems Neometrix
byNeometrix_Engineering_Pvt_Ltd
 
Amperes Circuital Law and its appliocations
byKasiselvanathanMarim1
 
Why Hydraulic Flushing Should Never Be Skipped Before Commissioning
byNeometrix_Engineering_Pvt_Ltd
 

Sql injection in cybersecurity

  • 1.
    SQL injection inCybersecurity
  • 2.
    AGENDA What is SQL? Whatis SQL injection? SQL injection Attack type? Prevention of SQL Injection Attack
  • 3.
    What is SQL? SQLis a domain-specific language used in programming and designed for managing data held in a relational database management system, or for stream processing in a relational data stream management system.
  • 4.
    What is SQLinjection? SQL injection is a code injection technique used to attack data- driven applications, in which malicious SQL statements are inserted into an entry field for execution.
  • 5.
  • 6.
    Types of sqlattacks The attacker can simply enter a malicious stirring and cause the modified code to be executed immediately. The attacker injects into persistent storage which is deemed as a trusted source. An attack is subsequently executed by another activity. The attacker can manipulate the implicit function to Char() by changing the values of the environment.
  • 7.
    Injection Mechanism Injection throughUser input Injection through cookies Injection through server variable Second-order injection. }First-Order injection
  • 8.
    Second-Order injection  Theapplication stores that input for future use & responds to the request.  The attacker submit a second request.  To handle the second request, the application retrieves the stored input & processes it, causing the attacker’s injected SQL query to execute.
  • 9.
    Inference  Inject commandsinto the site and then observe how the function/response of the website changes.  Blind injection  Timing attacks
  • 10.
    Blind SQL Blind SQL(Structured Query Language) injection is a type of SQL Injection attack that asks the database true or false questions and determines the answer based on the applications response
  • 11.
    Timing Attack A timingattack is a security exploit that allows an attacker to discover vulnerabilities in the security of a computer or network system by studying how long it takes the system to respond to different inputs.
  • 12.