What is SQL Injection ?

SQL Injection is a method of injecting codes. 

This technique is used to insert malicious codes or statements of SQL in data-driven applications into it's entry field to get executed. 
SQL injection may exploit a vulnerability of a software in case the user's input is incorrectly filtered for string literal escape characters in the statement or when the user input is not correctly typed & is executed unexpectedly.

SQL Injection is also called the attack vector but can be used for attacking any type of SQL database.
SQL Injection attack allows attackers to mess with the database, to spoof identity, tampering with the existing data and many more which the ba guys can do also to totally disclose all data on the system, and become the administrator of that data server.

                     -Thank You
    
      All The Best! 

             Stay Safe & Stay Secure!

Comments

Post a Comment

If you have any doubt or want to know something more or new,you are most welcome. Just let me know.

Popular posts from this blog

Cryptography in Cyber Security

Image
Crtpt - stands for hidden & graphy  - stands for writing. It is the process of protecting or securing a data or information with the help of codes.  Yes, the data gets stored in the form of codes such as : " 8b1a9953c4611296a827abf8c47804d7" Can you guess the actual word ? It's ' Hello'  similarly " 64ef07ce3e4b420c334227eecb3b3f4c " is the code or the hash for " Cryptography ". This technique is derived from some mathematical concepts . This process of crypting texts or the plain texts  into cipher text or the crypted text   is called Cryptography. If I give an example of Cryptography then WhatsApp will be the best to explain. Did you ever notice that after writing the first text to a person in WhatsApp at the top the message appears as "End-to-end encrypted". Hence it ensures you that " now your message is encrypted and is totally saved securely" , but in time when needed it can also be decrypted too.  This process of ...
Read more

What is SQL?

Image
SQL stands for  Structured Query Language also called See- Quel. This is a domain specific language used for programming and designed for managing data held in the relational database management system or simply the ( RDBMS ) and also for the stream processing in a Relational Database Management System or ,(RDBSMS). It is used for handling Structured Data. SQL consists of many types of statements which can be informally classed as Sublanguages : A Data Query Language, A Data Definition Language, A Data Control Language, and A Data Manipulation Language. The scope of SQL includes Data Query, Data Definition, Data Acess Control. SQL is a Declarative Language, it also includes procedural Elements.  The first relational language to be utilized in E.F.Codd's relational model was SQL. That model was described in his influential paper of the late 1970's.  Although it was not entirely adhered to the relational model described by E.F.Codd , it became the most widely used DATA...
Read more

What are VPNs?

    VPN stands for  Virtual Private Network . A VPN provides a secure & protected connection when connected to a network. It encrypts all the datas & disguise us with absolutely under a different identity with a different IP (Internet Protocol) address & Location. The encryption happens in  "Real Time".  It makes tracking parties more difficult to track you....   How  does a VPN  work? A VPN connection disguises your data traffic online and protects it from external access. Unencrypted data can be viewed by anyone who has network access and wants to see it. With a VPN, hackers and cyber criminals can’t decipher this data. Encryption:  To read the data, you need an  encryption key  . Without one, it would take millions of years for a computer to decipher the code in the event of a bruteforce attack. With the help of a VPN, your online activities are hidden even on public networks. Secure Data Transfer : If you work remote...
Read more