What you'll learn
- You will gain the ability to design any complex SQL to query a database (SQL)
- In-depth understanding of GROUP BY, subqueries, aggregate functions, SQL Server functions, and HAVING clauses (SQL)
- Understand the difference between INNER JOIN, LEFT/RIGHT OUTER JOIN, and FULL OUTER JOIN (SQL)
- You will understand the importance of session hijacking mechanisms and their use of confidential data (Security Testing)
- You can investigate application behaviour with parameter tampering and brute force attacks (Security Testing)
- You will learn the HTTP basics that can expose an application to malicious inputs (Security Testing)
- Create or interact with existing databases and test the database for schema validations (SQL)
- Detect request forgery designs, if any are present, in web applications (Security Testing)
- You can clear any interview on SQL with the interview questions covered (SQL)
Requirements
- You do NOT need any prior SQL or security testing knowledge to start this course
- Although these are online lectures, you will have lifetime instructor support. You can contact me any time with your queries; I will respond within 12 hours
- All installation setup, including database basics, is taken care of as part of the course
- Theoretical Material, Code dump and Interview Guide are available for download
Description
SQL and Security Testing are additional skills that every software engineer needs to have, irrespective of their role in a project. This course fills that gap by teaching both topics and gives you an edge over other engineers at your work. And of course, these are among the common skills tested in every software engineer interview.
• What makes this course special for beginners?
“No more boring slides or definitions. I will write every SQL query in front of you in the lectures and teach every topic needed to master SQL with practical examples.”
• This tutorial will also give you all the weapons you need to investigate and unlock the security holes in a web application with a powerful penetration testing approach
• Course lectures are conceptually driven with root level explanations and bring you to the level where you can write any kind of SQL query and detect any kind of security bugs in the application
This course covers:
MYSQL:
- Introduction to SQL
- MySQL Overview
- Start up commands to Setup Database and Tables
- Database testing to validate Schema
- Altering Table Schema operations
- Queries to retrieve Data
- Logical operators on Queries
- Wild cards usage in Queries
- SQL Functions with real time scenarios
- Importance of Group By in SQL
- Advanced SQL Concepts
- Subqueries syntax and usage
- SQL Joins usage and its advantages
- Importance of views in Database
- SQL String functions
- Data constraints with Database Testing perspective
- Practise Exercises for Interviews with Solutions
- SQL glossary on discussed topics
Security Testing:
Course Contents:
- Basics of Security Testing
- Terminologies involved in Security Domain
- Top OWASP principles
- Cross site Scripting
- XSS examples
- Cookies Importance
- Danger with stealing of cookies
- Session Hijacking
- Cross site forgery Attacks
- Parameter Tampering
- Methods to Intercept requests
- Account Management
- Password security guidelines
- Brute force mechanism
- Importance of Client-side validations
Who this course is for:
• Any IT professional, no matter what field they are in
• QA Testers who want to enhance their skills in Database Testing and Security Testing
• Freshers/Graduates who want to learn computer science foundations
Course content
- Why to learn SQL and Security Testing? and how this course is designed
- Please Note
- Introduction to Database
- Introduction to SQL and MySQL
- Downloading MySQL server with workbench
- Overview of SQL Editor with basic features
- SQL basic Material for reference
- Creating Database and pointing to it
- Creating Tables in database
- Inserting records into Table
- Retrieving records from the Table
- SQL commands glossary on discussed Topics
- Adding and modifying records in a table
- Deleting records and dropping database
- Updating rows in a table
- Modifying operations example
- SQL Glossary on discussed topics
- Select Distinct keyword in queries
- SQL WHERE command usage
- Logical operators on Queries AND OR – 1
- Logical operators ‘In’ ‘Between’- 2
- Regular expressions Introduction
- Wild cards usage in Queries -1
- SORT by usage in Queries
- SQL glossary on discussed topics
- Importance of Group By in SQL
- Combination of Group by and SQL functions (Min, Max, Avg)
- Usage of Having keyword with Group by and Aggregate functions
- Difference between Having and Where keyword and when to use them
- Practise Exercises on Group By, Having, Where and Aggregate functions keyword -1
- Practise Exercises on Group By, Having, Where and Aggregate functions keyword- 2
- SQL glossary on discussed topics
- Building SQL Sub queries with examples
- Subqueries syntax and usage
- Subqueries Example
- SQL Joins usage and its advantages
- SQL Joins Example
- Relation on subqueries and Joins
- Practical examples on Joins and subqueries
- Left and Right joins importance in SQL
- Practical example on Inner joins, Left join, Right Join
- Importance of views in Database
- Views example on Database
- String functions – 1
- String functions – 2
- String functions -3
- SQL glossary on discussed topics
- Importance of Union and Union All SQL Keyword
- Query to intersect records from two tables
- Exists keyword usage in SQL
- CASE Statement in SQL with example
- SQL Glossary
- NOT Null constraint -1
- Not Null Constraint Validations and Testing – 2
- Default Constraint Validations and Testing – 3
- Unique Constraint Validations and Testing – 4
- Primary Key Constraint validation and Testing -5
- SQL glossary on discussed topics
- Importance of Foreign Key constraint in SQL
- Understand Foreign key rules and constraints with examples
- On DELETE CASCADE Keyword to force rules on Foreign key deletion
- SQL Glossary
- Practise!!!
- Practise Exercise/Interview Questions- 1
- Practise Exercise/Interview Questions- 2
- Solutions for Exercise – 1
- Solutions for Exercise -2
- JDBC, ODBC programming-Creating Project
- Creating Database Tables and connecting to JDBC java code
- Retrieving data from Database with Java code
- JDBC code download
- What is SQL Injecting
- How to identify SQL loopholes in web application
- Exposing Security loopholes with malicious SQL syntax
- List of URLs Pattern which can cause attack with SQL
- Material for reference
- Unix for Beginners- 2
- Important Note
- Why security Testing gaining Importance day by day!
- What is Http and Https?
- How can we avoid Man in middle attacks?
- Http Methods overview in talking to servers
- Fiddler Demo- Monitoring Network traffic
- Understanding Fiddler to intercept requests
- Material for Reference
- What is XSS? How it can damage Web sites
- Detecting XSS Vulnerability for Websites – 1
- Detecting XSS Vulnerability for Websites – 2
- Bypassing Client Validation to perform XSS
- Encoding all the inputs to avoid Attacks
- Types of Attack – Reflected XSS
- Types of Attack – Persistence XSS
- How to handle cross site scripting in IE browser
- Material for Reference
- What are cookies and where are they stored
- Session cookie sensitive data Threats
- How can we stop Cookies hijacking?
- Methods to Prevent cookie steal -Secure Attribute
- Preventing cookies steal -Http Attribute flag
- Domain and path attribute to restrict cookies
- Setting Time period for Sessions- Security Safety Tip
- Material for Reference
- What is CSRF? How can it cause threat?
- Session Hijacking with illegal requests
- Avoid Cross Site forgeries with Token Mechanism
- Checklist for Pen Testers to check CSRF Attacks
- Material for Reference
- Different sources to intercept requests
- Importance of having Server-side Validations
- Intercepting requests with fiddler tool
- Material for Reference
- Steps to be taken for Password setting
- List of Hacking Passwords and Precautions which need to be taken
- Sources of Attacking Passwords
- Best Practices to be followed in securing Account
- Brute force attack handler Mechanism
- Material for Reference
- Bonus Lecture- Discount coupons for other courses