This interactive lesson introduces code injection attacks, in which an attacker supplies untrusted input to a program and it gets processed as part of a command or query, altering the execution of the program. Types of code injection attacks include cross-site scripting, operating system command injections, SQL injections, and buffer overflow.

This interactive lesson was made possible by funding from National Science Foundation Grant # DUE 1601612 at Brookdale Community College in Lincroft, New Jersey – PI Mike Qaissaunee, with contributions from Dr. John Sands & Susan Sands of Moraine Valley Community College and Jaime Mahoney of Bunker Hill Community College.

All Interactive Lessons