Got questions about SQL Injection? Want to dive deeper than the SQL Master Class series? What went in to making the labs? What’s the future of the channel?
SQL Injection lab gitlab: https://gitlab.com/r00k/sql_for_hackers
00:00 Introduction and plans for the channel
06:24 Intro to Boolean Inference SQL Injection
10:21 Local prototyping and general pen testing methodology
12:33 OSCP SQL Injection question
16:00 Introducing SQL substring function
21:46 Database mapping and fingerprinting recap
30:30 Boolean inference with AND
38:48 Why substring? Multiple selects without stacked queries
42:35 Boolean inference with substring
47:30 Inference vs Blind SQLi, and sleep statement
49:41 Speeding up inference with character order
GIPHY App Key not set. Please check settings
Thanks for sharing such an awesome content, Derek! SQLi is one of my favorite vulnerabilities to come across.. and your approach to it is pure gold!
Allot of information 👌