2-Subverting application logic
3-Lab: SQL injection UNION attack, determining the number of columns returned by the query
4-Finding columns with a useful data type in an SQL injection UNION attack
5-Using an SQL injection UNION attack to retrieve interesting data
6-Lab: SQL injection UNION attack, retrieving multiple values in a single column
7-Lab: SQL injection attack, querying the database type and version on Oracle
8-Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft
9-Lab: SQL injection attack, listing the database contents on non-Oracle databases
10-Lab: SQL injection attack, listing the database contents on non-Oracle databases