per
im
ete
r
def
ens
es.S Q L i n j e c t i o n
Structured Query Language (SQL) injection
is a code injection technique used to modify
or retrieve data from SQL databases. By
inserting specialized SQL statements into an
entry field, an attacker can execute
commands that allow for the retrieval of
data from the database.
Us
e
cha
rac
ter
esc
api
ng.Us
e
sto
red
pro
ced
ure
s as
op
pos
ed
to
que
ries
.En
for
ce
pri
vile
ges. B r u t e f o r
A threat actor may use trial and error to
decode data. Brute-force methods can be
used to crack passwords and crack
encryption keys. Other targets include API
keys, SSH logins, and Wi-Fi passwords.Loc
k
the
sys
te
m