Task 1 of 9
What Is SQL?
SQL (Structured Query Language) is the language used to talk to databases. Almost every web application you've ever used — login systems, shopping carts, social feeds — stores its data in a database and uses SQL to read and write it.
As a hacker, SQL matters for two reasons:
- You need to understand it to find and exploit SQL injection — one of the most impactful vulnerabilities in web security
- When you compromise a database, you need SQL to extract the data you're looking for
HOW A WEB APP USES A DATABASE
Browser
User types username + password and clicks Login
Server
Builds a SQL query: SELECT * FROM users WHERE username='alice' AND password='...'
Database
Runs the query, returns the matching user row (or nothing)
Server
If a row came back → login success. If empty → wrong password.
SQL injection happens when an attacker can break out of that query and change what it does. But first — you need to know what normal SQL looks like.
1
Why does understanding SQL matter for a hacker?
2
In a login form, what does the database return when the username and password are correct?
Answer 2 questions to continue