By now, you are familiar with the types of SQL injection attacks an attacker can perform and the impact of these attacks. Attackers can use the following types of SQL injection attacks: authentication bypass, information disclosure, compromised data integrity, compromised availability of data, and remote code execution. These allow them to spoof identity, damage existing data, execute system-level commands to cause a denial of service of the application, etc.
In the previous lab, you learned to test for SQL injection vulnerabilities in a website backed by an MS SQL database.
As an expert security professional and penetration tester for an organization, your job is to test the company’s web applications and web services for vulnerabilities. You need to find various ways to extend security tests, analyze web applications, and employ multiple testing techniques.
In this lab, you will learn to test for SQL injection attacks using the IBM Security AppScan tool.
In this lab, you have learned how to test web applications for SQL injection threats and vulnerabilities. Analyze and document the results related to the lab exercise. Give your opinion on your target’s security posture and exposure.