College

College of Engineering and Polymer Science

Date of Last Revision

2026-05-06 06:30:16

Major

Computer Information Systems

Honors Course

CISS 491-001

Number of Credits

3

Degree Name

Bachelor of Science

Date of Expected Graduation

Spring 2026

Abstract

SQL injection (SQLi) attacks are a type of cyberattack that seeks to bypass website logins and gain entry to sensitive information. These pose a significant danger to organizations holding confidential user information. Personally Identifiable Information (PII) like physical addresses, emails, phone numbers, and social security numbers is at risk of theft. Login credentials like usernames and passwords, and other sensitive information like financial details and social security numbers, are also exposed through SQLi attacks. SQLi attacks harm the confidentiality, integrity, and availability of people’s identity. Additionally, data breaches that reach public attention harm the reputation and trust of organizations. SQLi attacks rank #5 on the OWASP Top 10 list of most prominent security risks to web applications in 2025. This is a major cyberattack that threatens the security of sensitive information and organizational reputation.

This research aims to uncover how SQLi attacks function and how data is stolen from confidential databases. Current research expands on advancements in SQLi attacks and defense, particularly with AI. Research today has not shown a systematic approach to attack and defense using open-source tools. This research seeks to bridge that gap by creating an attack (Red Team) and defense (Blue Team) simulation of SQLi attacks targeting a sensitive company website. This report seeks to demonstrate common SQLi attack categories and defense strategies to employ. This research is meant to focus on cybersecurity concepts within web-application security.

Research Sponsor

Nadhem Ebrahim

First Reader

Stanley Smith

Second Reader

Jeremiah Crawford

Honors Faculty Advisor

Janet Kropff

Proprietary and/or Confidential Information

No

Community Engaged Scholarship

No
