Injection is the most common vulnerability on the web today, and has been for some time. Testers can do a lot to explore, investigate and identify Injection vulnerabilities in applications with simple techniques, tools and some basic knowledge of SQL and other languages. This video will cover the basics of SQL Injection in a vulnerable application, give you the information you need on the issues within the context of the OWASP Top 10, and suggest ways you can incorporate these techniques into your every day testing.

Remember to seek permission before performing any security testing on live systems and applications, otherwise it could lead to legal issues. Only use training applications, or your own applications, hosted on a VM or other isolated environment.

Further Learning: