Setting up a lab for SQLi
The next exercise involves setting up an EC2 instance, installing a vulnerable web application, and installing the Docker service on your EC2 instance. Once everything is up and running, we'll start looking into some actual SQLi and testing vulnerable areas of the web application.
The vulnerable application we are installing, Juice Shop, is a very popular web application full of hacking challenges that span different levels of difficulty – it even comes with a hacker dashboard that you can use to track your progress. To learn more about this application, see the OWASP project page, which is full of useful information (https://owasp.org/www-project-juice-shop/).
Important note
This exercise does not involve Aurora – it involves SQLi and pentesting parameters that you may see used with websites using Aurora. The purpose of the exercise is to get more familiar with SQLi and how dangerous it can be.
...