Anouncing SQLI Labs

NotSoSecure is pleased to announce the launch of SQLi Labs in partnership with Security Tube Trainings. .

What is SQLi Lab

SQL Injection Labs provides an on-line platform to master The Art of Exploiting SQL Injection. From SQLi 101 to mind bending 2nd order injection, file read/write access, remote code execution; we have got it all covered. Whether you are a student who is just starting a career in field of IT security or a professional who wants to become a Ninja, we have something for everyone!

How does it work

After you have signed up, we will give you 1 month VPN access and a document containing list of questions. Each question has a URL (which you can only access via VPN) and set of objectives to achieve.

What sort of challenges are there?

We are covering the following areas:

  • Authentication Bypass
  • Data Extraction using various techniques
  • File Read/Write Access
  • Code Execution
  • Further, you can practice these in 4 databases (MS-SQL, MySQL, PostgreSQL, and Oracle);

    For the beginners, there is a systematic way to learn various techniques in exploiting SQLI and for the professionals there are some advanced challenges (yet, real world) to help them become a Ninja.

    Does each challenge have a difficulty level

    Challenges are split into three category (Basic, Intermediate and Advanced).

    How much does it cost

    99$/month (promo pricing).

    Will you get answers

    Yes, you will be provided with an answer sheet with detailed walk-through of how you should have solved each question. We have also just finished making a video walk-through of all the challenges. You will have access to all of this at no additional cost. In our solutions, we have provided links for further reading and also some references to open source products where a similar vulnerability was identified in the past. You can find a sample video walk through of a challenge here: http://www.youtube.com/watch?v=zVLPo9FtHhI

    Will you get a certification

    For now, the lab is set-up with the objective of people to learn, try out a few new things and have fun. You will get a Certification of Participation.

    Will there be new challenges

    We plan to add more challenges on a regular basis. These new challenges will be available to you for the period of your lab subscription.

    Will you get support if you need some help
    Each user, for the period of their subscription will have access to the users-forum where they can ask questions.

    More details/Registration Link:
    http://www.securitytube-training.com/virtual-labs/sql-injection-labs/index.html

    Leave a Reply

    Your email address will not be published.

    You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>