Pentest Handbook: SQL Injection To Shell Uploading

SQL injection vulnerability is one of the OWASP Top 10. In this course, we are teaching you how to perform penetration testing step by step. We are going to focus on SQL injection vulnerability.  We start from scratch, so everyone who has no prior knowledge should not be worried about understanding the course. We simply present the concepts. This course is divided into three main sections.

Section 1: How to set up your hacking lab

• Introduction to virtual machines

• Introduction to Hacking Labs Resources

• Installing SQLI to shell Lab

• Network Adapter Troubleshooting

Section 2: SQL Injection Workshops

• Break and fix the query
• Finding the number of columns
• Finding vulnerable columns
• Union Select Attacks
• Database information
• Finding the databases
• Finding the tables
• Finding the columns
• Dump the data
• Decrypting Hashed Password

Section 3: How To Upload Shells And Bypass Upload Restrictions

• Uploading CMD shell
• Bypassing Upload Restrictions
• Working with CMD Shell

At the end of the course, you will be able to perform information gathering, crawl the web application, detect SQL injection vulnerability, work with developer tools in the browser, run queries to dump the data, upload a shell, and run some commands to get information about the server and web application.

Who can benefit from this course?

• Everyone is interested in learning penetration testing as a career.
• Everyone interested in teaching cyber security
• Everyone is tired of watching useless tutorials

What is the next step?

• Stay Tuned for OWASP Labs Courses