Injection is the number 1 attack category in the OWASP Top 10 and for good reason: injection flaws are extremely damaging because they allow an attacker to execute arbitrary commands, either on on the host running the application or on the database server. This Application Security Lesson will teach you what is Injection, types of Injection, explain how to find it, how to exploit it and how to prevent it.