Mastering Database Reconnaissance and Exploitation



The internet is mostly web applications and most web applications are connected to a database. These databases store everything from usernames and passwords, to credit card numbers, social security numbers, and tons of other sensitive or useful information. In many cases, the ability to compromise a database will soon lead to a much greater system or organization compromise.

This class is going to cover the basics of how databases work, identifying databases, hacking SQL database and more modern NoSQL databases. We are going to cover what to do once you hack a database. Additionally, we will be discussing ways to protect your own applications from these attacks as we progress through the course.

What You Will Learn

  • A structured approach to database testing and exploitation
  • A solid understanding of SQL and NoSQL syntax and operation
  • Level-up your existing tool knowledge by getting more out of the ones that you know about and learning new ones
  • Skills to recording findings as you conduct your testing
  • Techniques and methods to help prevent database misconfigurations and common attacks


Duration:  4 Hours