[&] Which of the following is NOT a method discussed for testing SQL injection vulnerabilities?
- Time-based blind injection
- String manipulation in requests
- Error-based SQL injection
- Brute force password attacks

[&] What can you use to automate SQL injection testing according to the video?
- Burp Suite Intruder
- Web development frameworks
- Spreadsheet software
- OS command-line tools

[&] What is a potential consequence of performing a successful SQL injection?
- Deleting or modifying database records
- Increasing database storage capacity
- Gaining unauthorized access to system files
- Extracting encrypted passwords

[&] What is a key cautionary point when performing a pen test on a web service?
- Ensure not to delete or modify data unintentionally.
- Always perform tests in live environments.
- Never use automated tools.
- Debug the web service code first.

[&] Which technique did the video suggest to identify SQL injection vulnerabilities?
- Using complex SQL queries
- String termination with a single quote
- String concatenation
- Modifying the SQL operations

[&] Why is monitoring response length important in a brute force attack?
- It reduces the time taken to brute force
- It confirms the attack type
- It helps identify anomalies indicating successful access
- It verifies that no rate limiting is applied