Internet-based and Database-based Attacks

This course is included in our On-demand training solution.


Internet-based attacks and the mechanisms used to both accomplish and to defend against them is a staple of both hackers and ethical hackers today. This course examines how to hack web servers, and conversely, how to defend against those attacks, how to examine web applications for vulnerabilities, and how to fix them, how web-based password cracking is done, and how it is defended against. This course examines SQL injection attacks and defense mechanisms, along with buffer overflows and the countermeasures that can be put in place to deal with them. This course also assists students who are preparing for the EC Council’s Ethical Hacking and Countermeasures (CEHv6) exam 312-50.

Target Audience

Existing or in-training IT security professionals seeking detailed security penetration testing skills


A technical background with a solid understanding of networks and networking concepts, such as TCP/IP, IP Routing, and LAN Switching, as well as Windows and/or UNIX/LINUX operating systems; a general familiarity with the principles and usage of command-line, coding, and GUI-based technologies for manipulating IT operating systems

Expected Duration

120 min.

Course Objectives

Hacking Web Servers

  • recognize how to use Telnet for banner grabbing
  • identify the countermeasures you can take against web server attacks
  • recognize the IIS server attack types
  • Web Application Vulnerabilities

  • identify web application vulnerabilities
  • recognize the countermeasures to web server application attacks
  • Web-based Password Cracking

  • recognize common methods of authentication
  • recognize countermeasures to password-cracking attacks
  • Web-based Hacking

    SQL Injection

  • identify examples of SQL injection attacks
  • recognize the steps an attacker may take when preparing to perform a SQL injection attack
  • identify SQL injection countermeasures
  • recognize various types of SQL injection attacks
  • Buffer Overflows

  • recognize how buffer overflow attacks occur
  • recognize how to defend off-the-shelf products against buffer overflow attacks
  • SQL Injection and Buffer Overflow Countermeasures