CSI6199 Report: Analysis of SQL Injection Attacks and Incidents

This report provides a comprehensive analysis of SQL injection (SQLi) attacks, a significant cybersecurity threat. It begins with an introduction highlighting the evolution of websites from static content to dynamic, database-driven systems, which has created opportunities for attackers to exploit vulnerabilities. The report then delves into a detailed walkthrough of SQLi attacks, explaining their mechanisms, types, and impact. It includes a step-by-step explanation of how SQLi attacks work, with supportive discussions and graphical images. The report also presents a real-world SQL injection incident, analyzing the attack's specifics, outcomes, and impact. The report concludes with a summary of the key findings and recommendations for mitigating SQLi attacks, emphasizing the importance of secure coding practices and robust security measures. The report references various sources, including reports from Risk Based Security, OWASP, and Veracode, to provide a comprehensive understanding of SQLi attacks and their implications.