SQL Injection - Lab #3 SQLi UNION attack determining the number of columns returned by the query

Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨

感谢，老师思路清晰，不疾不徐，听得懂的同时听得舒适

This is really What I was looking for, I felt lost.. I was doing it just because someone said it should be like that... you actually explained WHY we were doing that..
brilliant.
I Wish the best for you!
thank you thank you!

You are really the best in SQL teaching. Thanks to David Bombal, that's where i saw you and also i have met you again in the portswigger labs

I want to say THANK YOU.
As a newbie in this field, I don't even know where to start and how the logic works.
With your explanation, I now understand and be ready for the next challenge :")

Love from Bangladesh
thank you very much for your work and sharing with us.

Hey Rana! Hope you're well! just want to say I love your content! Very clear explanation!
Keep it up! subbed!

Wow, palestinian woman, who Explain a vulnerability best than any other one
thanks angel, grateful from Jordan

Thanks for the great video, Rana. Really appreciate it for your effort! Please keep it up

Thank you so much for your videos. You are doing a Great service for the community.

Thanks, Rana, for posting these series of burp-suite lab, very useful for me, the explained content is very precise and understandable, I will keep track of all them.,Once again, thanks you very much., indeed

As soon as I saw your first video, searched for the subscribe button ... Love from INDIA.. I am a newbie and felt so much comfortable , will continue to learn from all your videos only.

It is very nice that you explain the subject with the pre-solution sampling method and explain the question with more than one solution rather than one solution. I am starting to understand SQL better. Thank you for your hard work. Will there be a solution video for other issues after the SQLi series is over?

thank you!! what a amazing tutorial! the best by far!!

Thanks for the walk through, it was helpful for the project I am working on.

thanks rana .such a hardwork and lovely teacher 🙏❤️

thank you very much for your work and sharing with us.

Great! Love from India!

Very suitable video for beginners, thanks

Great thanks, it helps me to understand basics!

Awesome .Keep uploading

Thank you so much! You are just a Greate Teacher!

thank you so much for teach us in such a nice way😍...i love your explanation 🐧

Merci Hana !

Lovely demonstration, thanks a lot.

Excellent presentation... well done

Thank you it was great you made from starting and good explanation with introduction. @ Rana Khalil

Perfection 🥰

super interesting, I had no idea how to complete this on port swigger's academy

Thank you ! Best wish for you .

I want to say THANK YOU.

very good - thanks

Thank you ma'am 😊

Thanks for this

👏👏👏👏 Me encanta 👍

Do you need Burp Professional for the certification exam ?

thanks holy cow!

Why we need to know how many columns will be returned by the query. can we do sqli Union attack without knowing it ?

Hello Rana , I have a question but before I want to tell you that I have became fan of yours . keep up the good work!

Hi, in 15:40 how did you add the plus(+) sign like the way you did by selecting text and suddenly plus sign took the position of spaces?

the best

I am running burp suite community V 2022. 1. 1 when i use the built in browser it wont let me run the lab. Can anyone help?

what if we still get a 404 even after '-- ?

I followed the steps on both options I got 200 ok but the lab wont say its solved

Y eso que no tengo ni idea de ingles, ni de pyton. Te voy reproduciendo y traduciendo a cámara lenta 🤷‍♂

not gonna lie, I really wanted to know what happened if the plus sign wasn't used

16:30 you're welcome

You make it more complicated in this video