Across
- 2. A common place where attackers test for authentication bypass
- 4. Function often used in time-based SQL injection
- 6. Unsanitized user _______ is often the entry point for SQL injection
- 7. Used to ignore the rest of a legitimate SQL query (--)
- 10. SQL injection where the attacker cannot see errors but infers information through behavior
- 12. 1=1 is always ______
- 14. A request sent from a website to a database
- 15. information blue teamers may use to understand an attack
- 17. A type of injection that uses response delays
- 18. SQL keyword used to retrieve data from a database
- 19. A security device that can be used to stop SQL injection attacks
Down
- 1. The type of database that will respond to @@version
- 3. the act of putting malicious SQL queries into a web application
- 5. Websites often talk to this backend system to retrieve or store data
- 8. Type of SQL injection that relies on database messages revealing data
- 9. A structured set of rows and columns used to store data
- 11. a key word that can be used to figure out how many columns are returned
- 13. Type of SQL injection that combines results from multiple SELECT queries
- 14. a single _____ is often used to break SQL syntax
- 16. a tool to automate SQL attacks