SQL Injection Tutorial for Beginners | Hands-On Lab

In this video, we explore SQL Injection (SQLi), one of the most common and critical vulnerabilities in web applications.

You will learn what SQL Injection is, how it works, and why it poses a serious risk to backend databases. The video starts with a clear conceptual explanation, followed by a practical demonstration to help you understand the attack in a real-world scenario.

This content is designed for learners who want to move beyond theory and gain practical insight into cybersecurity concepts.

Topics:
00:00 – Introduction & Learning Objectives
01:37 – What is SQL?
02:32 – What is DBMS
03:05 – What is SQL Injection (SQLi)?
04:20 – Lab Setup: Installing Kali Linux & Metasploitable 2
07:45 – Configuring the Database for Practice
10:18 – Finding the Target IP & Exploring the Lab Environment
11:53 – How Admins View Data (Manual MySQL Access)
15:52 – Starting the Hack: Identifying Vulnerable Input Fields
18:00 – Bypassing Login with SQL Injection (True Statements)
21:46 – Admin Account Takeover Exploit
24:40 – Understanding False Statements in SQLi
27:40 – Automating Attacks with sqlmap
31:30 – Dumping Database Tables and Accounts
34:12 – How SQLi Works (Vulnerable vs. Secure PHP Code)
36:45 – Conclusion & Next Steps (Blind SQLi)
Metasploitable2 Download Link : https://sourceforge.net/projects/metasploitable

SQLI Cheat Sheet : https://hackscaleteam.github.io/2026/05/10/SQLi-Cheat-Sheet.html

Twitter: https://x.com/_hackscale_
Note: This video is for educational purposes only. All demonstrations are performed in a safe and controlled environment.

#SQL_INJECTION #CyberSecurity #hackscale

Видео SQL Injection Tutorial for Beginners | Hands-On Lab канала HackScale