Introduction to LDAP Injections

Use LDAP? If your applications allow any sort of user-input in LDAP queries, you could be vulnerable to LDAP injections. In this ebook, we provide an introduction to LDAP injections with realistic examples of attacks, different techniques that can be used by threat agents, and primary as well as secondary defense options to prevent those attacks from happening against your own applications.

This introduction to LDAP Injections is an excerpt from our Injection Attacks: The Free 2020 Guide course.

What's Inside?

Overview of LDAP Injections

In this chapter of the ebook, we start off by explaining what LDAP is, and then we jump right into LDAP injections. We take a look at how LDAP injections work and how damaging they can be.

LDAP Injection attack techniques

After understanding the concepts of LDAP and LDAP injections, we take a closer look at various LDAP injection attack techniques that could be used by threat agents against your applications.

Defenses against LDAP Injections

Once you are familiar with LDAP injection concepts, it’s time to learn how to defend your applications from such a dangerous vulnerability.

In this chapter, we cover:

Primary defense controls
Secondary defense controls
Code Review & Automated Tool recommendations

Author spotlight

Christophe Limpalair

After learning first-hand why Application Security was important in his early teens, Christophe spent a number of years training individuals and organizations (SMB & F500) on how to use cloud services efficiently. After his journey of building two successful IT businesses to acquisition in the last six years, he realized that most also struggle with building secure software, so he co-founded Cybr and wrote this ebook as well as a corresponding course to help make the world a more secure place.