Loading video...

Video Failed to Load

Go Home

We’ve known about SQL injection attacks for a long time. Catch vulnerable code before it’s committed to your codebase. 🔍🔒

github's profile picture

GitHub

2,666,746 subscribers

72,022 views • 3 years ago •via X (Twitter)

Science & TechnologyNews & PoliticsEducation
LIVE

Anya Rossi• Live Now

Private livecam show

9 Comments

psycopg's profile picture
psycopg3 years ago

What is a SQL injection?

mRr3b00t's profile picture
mRr3b00t3 years ago

Irl footage of me catching SQLi ! 🤙😏

Barney Laurance's profile picture
Barney Laurance3 years ago

What happens if the vulnerability is created by the merge commit from the PR to main? Maybe unlikely, but it would be nice to have the scan run on the main branch as part of the deployment pipeline, not only on PR branches.

Thomas Edwin's profile picture
Thomas Edwin3 years ago

When will it available for pro subscribers?

Christoffer Noring's profile picture
Christoffer Noring3 years ago

@davidpine7 Love a great video from @GeekTrainer :)

🇺🇦 Maarten Ballintijn 🌍🇪🇺🇳🇱🇺🇸's profile picture
🇺🇦 Maarten Ballintijn 🌍🇪🇺🇳🇱🇺🇸3 years ago

Bobby Tables lives!

None's profile picture
None3 years ago

Why not do this check for other types of exploits or viruses? PHP exploits are a good example to catch. And why do you need to press a button to do this? Just mark it on commit.

Information Shrekurity's profile picture
Information Shrekurity3 years ago

I'd argue people stashing secrets and other important bits of information into public repositories is a bigger issue.

Craig Francis's profile picture
Craig Francis3 years ago

To prevent Injection Vulnerabilities completely (taint checking or basic scanners aren’t good enough), you must use parameterised queries, and enforce their correct use by requiring a “developer defined string” for the SQL, HTML template, etc …

Related Videos

Secure your code against SQL injection! 🛡️ GitHub Copilot can help you write safer SQL queries and avoid vulnerabilities. ✅ Learn how and get more security best practices with Copilot here. ⬇️
1:36

Secure your code against SQL injection! 🛡️ GitHub Copilot can help you write safer SQL queries and avoid vulnerabilities. ✅ Learn how and get more security best practices with Copilot here. ⬇️

GitHub

27,520 views • 1 year ago

SQL Injection Hackers Grand Entrance To Your Database
8:16

SQL Injection Hackers Grand Entrance To Your Database

The Tech Prophet (Amospikins)

67,038 views • 6 months ago

Do you often answer the same questions about how part of the codebase works? 🤔 Group the code or documentation in a GitHub Copilot Space and share the link with teammates. ⬇️
1:03

Do you often answer the same questions about how part of the codebase works? 🤔 Group the code or documentation in a GitHub Copilot Space and share the link with teammates. ⬇️

GitHub

37,565 views • 11 months ago

Excited to share our progress 🔥 Introducing Codegen: the IDE for Refactors. Codegen allows you to programmatically analyze and manipulate your codebase. ✅ Safely transform code at scale 🔍 Visualize complex code structures ⚡ Purpose-built for AI-assisted development 1/
0:52

Excited to share our progress 🔥 Introducing Codegen: the IDE for Refactors. Codegen allows you to programmatically analyze and manipulate your codebase. ✅ Safely transform code at scale 🔍 Visualize complex code structures ⚡ Purpose-built for AI-assisted development 1/

Jay Hack

69,856 views • 1 year ago

mingyu you’re so precious 🥹!! #민규 #MINGYU 🐶 we shouldn’t say things like ‘we’ve been around for a long time’ or ‘we’ve done this for so long’ with our own mouths that kind of talk makes us lose energy It’s okay to think, ‘we’ve been working hard for a long time but if we start saying things like wow it’s been so long then… it feels like we’re already slowing down. I feel like we still have a long way to go rather than feeling like we’ve been doing this for a long time, I think it’s more right to feel like we still have a long road ahead 🥺
0:34

mingyu you’re so precious 🥹!! #민규 #MINGYU 🐶 we shouldn’t say things like ‘we’ve been around for a long time’ or ‘we’ve done this for so long’ with our own mouths that kind of talk makes us lose energy It’s okay to think, ‘we’ve been working hard for a long time but if we start saying things like wow it’s been so long then… it feels like we’re already slowing down. I feel like we still have a long way to go rather than feeling like we’ve been doing this for a long time, I think it’s more right to feel like we still have a long road ahead 🥺

ᴡᴇɴᴅʏ | 𝘴𝘩𝘢𝘬𝘦 𝘪𝘵 𝘰𝘧𝘧 🩶

89,290 views • 9 days ago

➡️ Here's how you can turn your entire codebase into a single LLM prompt. Meet Promptor.
0:33

➡️ Here's how you can turn your entire codebase into a single LLM prompt. Meet Promptor.

GitHub

34,107 views • 11 months ago

SQL INJECTION (Login page bypass)
0:37

SQL INJECTION (Login page bypass)

Abdulkadir | Cybersecurity

401,287 views • 5 months ago

We’ve been waiting a long time to say this… IT’S FINALLY GAME WEEK‼️ #YellCornell
0:44

We’ve been waiting a long time to say this… IT’S FINALLY GAME WEEK‼️ #YellCornell

Cornell Football

13,354 views • 8 months ago

We’ve been dreaming about this intro for a long time too TOMORROW. GREG OLSEN. REESE'S
0:59

We’ve been dreaming about this intro for a long time too TOMORROW. GREG OLSEN. REESE'S

New Heights

729,817 views • 4 months ago

#LenaMiuxFANDOMLIVE 🦋: mum, this is Miu, she’s a junior from the faculty and we’ve known each other for a long time now. 🧸: 🤭 🦋: and she’s a cheerleader at Chula (uni) as well. I’ve seen her for a long time, we’ve been talking and I made the first move since then and it’s going into the eighth year of being together. So it’s an auspicious time, mum… 🧸: I do (in marriage) 😂 : she has asked for to marry you yet
0:37

#LenaMiuxFANDOMLIVE 🦋: mum, this is Miu, she’s a junior from the faculty and we’ve known each other for a long time now. 🧸: 🤭 🦋: and she’s a cheerleader at Chula (uni) as well. I’ve seen her for a long time, we’ve been talking and I made the first move since then and it’s going into the eighth year of being together. So it’s an auspicious time, mum… 🧸: I do (in marriage) 😂 : she has asked for to marry you yet

Shez.

20,582 views • 5 months ago

Hello World 👋 Macroscope uses your codebase to automatically summarize product development activity, answer questions (about product and codebase functionality, and dev progress) and catch bugs. Sign up now and get a 2 week free trial.
1:58

Hello World 👋 Macroscope uses your codebase to automatically summarize product development activity, answer questions (about product and codebase functionality, and dev progress) and catch bugs. Sign up now and get a 2 week free trial.

Macroscope

252,091 views • 8 months ago

"We've known for a long time [Epstein] was talking about potentially farming babies under the ranch"
8:09

"We've known for a long time [Epstein] was talking about potentially farming babies under the ranch"

Fight Back Podcast

14,916 views • 1 month ago

It’s time to have a real conversation about Caleb Williams. It’s far too early to label him a bust, but he has to play better. This was an embarrassing loss for Chicago — the kind we’ve seen far too many times before.
1:56

It’s time to have a real conversation about Caleb Williams. It’s far too early to label him a bust, but he has to play better. This was an embarrassing loss for Chicago — the kind we’ve seen far too many times before.

Dave

134,519 views • 7 months ago

Now this is SQL injection. Watch and learn
0:37

Now this is SQL injection. Watch and learn

Cyber_Racheal

85,680 views • 3 months ago

🆕 Anthropic's Claude Opus 4.8 is now generally available and rolling out in GitHub Copilot. Early testing shows: • It demonstrates a clear step forward in code understanding and generation across a range of real-world coding tasks. • It handles complex problem-solving and large-codebase navigation with notable improvement to previous versions. Try it out in Visual Studio Code or Copilot CLI.
0:44

🆕 Anthropic's Claude Opus 4.8 is now generally available and rolling out in GitHub Copilot. Early testing shows: • It demonstrates a clear step forward in code understanding and generation across a range of real-world coding tasks. • It handles complex problem-solving and large-codebase navigation with notable improvement to previous versions. Try it out in Visual Studio Code or Copilot CLI.

GitHub

205,682 views • 7 days ago

How to Become a True GHOST? Invite your friend now using your referral code and start playing together! Your referral code gives 10,000 points. This thread is about the opportunity we’ve prepared for you to earn WL
0:30

How to Become a True GHOST? Invite your friend now using your referral code and start playing together! Your referral code gives 10,000 points. This thread is about the opportunity we’ve prepared for you to earn WL

Ghosts

44,034 views • 1 year ago

How Attackers list entire databases using sql injection
0:59

How Attackers list entire databases using sql injection

Abdulkadir | Cybersecurity

29,556 views • 4 months ago