00 — Overview

SQL Injection

Learn how attackers manipulate database queries through unsanitised input — and bypass logins, extract data, and own the backend.

Beginner·50 min·14 tasks

// By the end of this module

→Understand how unsanitised input breaks out of SQL query context

→Perform login bypass, UNION-based, and error-based SQLi manually

→Extract database schema, tables, and data with blind techniques

→Identify SQLi sinks in URL parameters, headers, and JSON bodies

// Prerequisites

Foundation · Beginner

45 min