Name
Abstract | ||
|---|---|---|
We present a web application system where users can learn about and practice SQL injection attacks. Our system is designed for students in a university level database or computer security class, and is aimed towards students familiar with SQL but with little experience in web security. Our platform currently contains 12 levels, each of which demonstrates a SQL vulnerability that the user must exploit. For each level, we explain the goal of the challenge, and also provide detailed solutions. Our system provides advantages over other methods of teaching SQL injection because it is hands-on, the challenges provide a greater scope of vulnerability coverage, and is easily extensible, allowing instructors to add their own SQL injection problems for their students.
|
Year | DOI | Venue |
|---|---|---|
2019 | 10.1145/3287324.3287490 | Proceedings of the 50th ACM Technical Symposium on Computer Science Education |
Keywords | Field | DocType |
database security, education, learning tool, sql injection | SQL,Virtual learning environment,World Wide Web,Internet security,Computer science,Database security,Exploit,Web application,Multimedia,SQL injection,Vulnerability | Conference |
ISBN | Citations | PageRank |
978-1-4503-5890-3 | 0 | 0.34 |
References | Authors | |
4 | 4 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Nada Basit | 1 | 0 | 0.34 |
| Abdeltawab Hendawi | 2 | 8 | 1.25 |
| Joseph Chen | 3 | 2 | 1.16 |
| Sun, A. | 4 | 5 | 4.17 |