After covering the basics of SCADA exploitation, let's move on to testing database services. In this section, our primary goal will be to test the databases and check for various vulnerabilities. Databases contain critical business data. Therefore, if there are vulnerabilities in the database management system, it can lead to remote code execution or full network compromise, which may lead to the exposure of a company's confidential data. Data related to financial transactions, medical records, criminal records, products, sales, marketing, and so on could be beneficial to the buyers of these databases in the underground community.
To make sure that the databases are fully secure, we need to develop methodologies for testing these services against various types of attack. Now, let's start testing databases and look at the different phases of...