Hi. In this post we will discuss what an SQL injection attack is and how it may affect any web application that uses a backend database. Here I concentrate on Java web applications. The Open Web Application Security Project (OWASP) lists SQL injection as the top vulnerability for web applications. Hackers inject SQL code into a web request sent to the web application and take control of the backend database, even if that backend database is not directly connected to the internet. We will also see how to solve and prevent SQL injection in a Java web application.

For this purpose we need one tool, which is completely open source.

sqlmap - sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection. We can get it from here.

SQL Injection

SQL injection is a technique to extract database information through a web application.

Scenario: we have one database server [MySQL] and web application ser