Instituto Politécnico de Leiria Escola Superior de Tecnologia e Gestão Departamento de Engenharia Informática Mestrado em Cibersegurança e Informática Forense AUTOMATED,SCHEDULEDANDCI/CDWEB INJECTION mykyta zhygulskyy Leiria, Fevereiro de 2021 [ January 15, 2021 at 18:25 – Version 1 ] [ January 15, 2021 at 18:25 – Version 1 ] Instituto Politécnico de Leiria Escola Superior de Tecnologia e Gestão Departamento de Engenharia Informática Mestrado em Cibersegurança e Informática Forense AUTOMATED,SCHEDULEDANDCI/CDWEB INJECTION mykyta zhygulskyy Número: 2180074 Projeto realizada sob orientação do Professor Ricardo Gomes (
[email protected]). Leiria, Fevereiro de 2021 [ January 15, 2021 at 18:25 – Version 1 ] [ January 15, 2021 at 18:25 – Version 1 ] ACKNOWLEDGEMENTS I thank my advisor Ricardo Jorge Pereira Gomes, for all the guidance and availability along this path, for all the help, for all the technologies and tools that were taught to me, and more especially for many of the doubts solved, and also in the way of thinking, problem-solving. I would also like to thank Professor Mário Antunes for providing me this advisor for the implementation of this project. i [ January 15, 2021 at 18:25 – Version 1 ] [ January 15, 2021 at 18:25 – Version 1 ] ABSTRACT This report is made within the Curricular Unit (UC) Project, in the 2nd year of the Master in Cyber-security and Forensic Informatics (MCIF) provided by the Polytechnic Institute of Leiria (IPL). The purpose of this project is to study SQL Injection vulnerabilities in web applications. According to OWASP (Open Web Application Security Project) [20][19], this is one of the more prevalent attacks on web applications.