Analytics Story: SQL Injection

Description

Use the searches in this Analytic Story to help you detect structured query language (SQL) injection attempts characterized by long URLs that contain malicious parameters.

Why it matters

It is very common for attackers to inject SQL parameters into vulnerable web applications, which then interpret the malicious SQL statements. This Analytic Story contains a search designed to identify attempts by attackers to leverage this technique to compromise a host and gain a foothold in the target environment.

Detections

Name ▲▼ Technique ▲▼ Type ▲▼
SQL Injection with Long URLs Exploit Public-Facing Application TTP

Data Sources

Name ▲▼ Platform ▲▼ Sourcetype ▲▼ Source ▲▼

References


Source: GitHub | Version: 1