The workshop is about SQL Injection based intrusions and what kind of possibilities we have to protect our application. Starting from the beginning, to steal the entire database. The demonstration contains the well-known authentication bypass and also other interesting things. For example how to protect our queries by escaping the quotes and how can be bypassed the protection. In another example, it will be shown how to get sensitive information from the database for example the users’ password or the database’s root password. In the final stage Daniel will propose some defending approaches which could protect your application and database against these vulnerabilities. The presenter will speak about prepared statement and stored procedures and the intrusion detection systems.