In the CYBRScore Analyze SQL Injection Attack lab, students will Identify the use of an SQL Injection through the use of Wireshark. The students will also isolate the different aspects of the SQL Injection and execute the selected code.

CYBRScore's Analyze SQL Injection Attack lab is available in a hosted on-demand environment so students can access anywhere: in a classroom, workplace or at home.

CYBRScore Analyze SQL Injection Attack Lab Objectives:

  • Use Wireshark to analyze network traffic and identify targets
  • Use Wireshark to identify methods used by the attacker
  • Analyze exploit to determine specific attack vector and vulnerabilities exploited.

Course Description In the CYBRScore Analyze SQL Injection Attack lab, you will begin by analyzing a network packet capture and looking for evidence of an attempted SQL Injection attack. You will then follow the TCP Stream and review the entire request and response cycle. The next step will be to save off the information from the packet capture into a .html file and render it in a browser.

You will be looking for any evidence of the SQL Injection attack possibly working. Learning to use Wireshark for analysis and threat hunting is one of the most important items to add to your arsenal. It does not matter what the operating system is or the brand of the computer. Everything talks across the networks in the same manner and being able to recognize that communication within a packet capture will set you above most IT Security Analyst.

SQL Injection attacks are still considered a very real threat. The fixes are easy and can be implemented usually without a lot of time, money, and effort. However, the fact that this is still listed in the most recent OWASP Top Ten and is taught to Penetration Testers and Defenders shows that it is a genuine and severe threat. Learning to recognize the signs and indicators is critical for any SOC Analyst.

CYBRScore's Analyze SQL Injection Attack Lab is presented by Cybrary (www.cybrary.it) and is part of the SOC Analyst Career Path. Completion of CYBRScore's Analyze SQL Injection Attack Lab means that the student has learned and demonstrated how to recognize and validate SQL Injection Attacks against an environment. The role of the SOC analyst is to plan, monitor, and implement security measures to protect an organization’s computer systems, networks, and data. To do this, SOC analysts must stay up-to-date on the most current intelligence, including hackers’ practices and tactics, to anticipate and prevent security threats and breaches.

Click on the Lab to learn more on how to detect SQL Injection Attacks in your network.