0xshin (Pro) · 0xshin.hashnode.dev · 11 hours ago
SQL Injection Types Supported by SQLMap - SQL Map 01
Objective: To provide a detailed, step-by-step guide on the various SQL injection types supported by SQLMap, enabling learners to understand and identify each type effectively. Introduction to SQLMap SQLMap is a powerful penetration testing tool for...
CPTS Journey · sqlmap

0xshin (Pro) · 0xshin.hashnode.dev · Apr 21, 2024
SQLi Series - Reading Files through SQL Injection - 08
Introduction SQL Injection can be used for more than just gathering data from tables and databases It can also be leveraged to read and write files on the server In some cases, it can even lead to remote code execution on the back-end server Pri...
pente

0xshin (Pro) · 0xshin.hashnode.dev · Apr 19, 2024
SQLi Series - Intro to SQL Union Injection II - 04
1. Understanding Union-Based SQL Injection a) Explanation: Union-based SQL injection allows attackers to retrieve data from different tables within the database by appending a UNION SELECT statement to the original query. The UNION operator combines...
CPTS Journey · pentesting

0xshin (Pro) · 0xshin.hashnode.dev · Apr 14, 2024 · 59 reads
SQLi Series - Intro to SQL Union Injection - 03
1. Introduction to Union SQL Injection In the realm of SQL injection attacks, Union-based SQL injection stands out as a powerful technique that allows attackers to extract sensitive information from multiple tables and databases within a vulnerable a...
CPTS Journey · Union Injection

0xshin (Pro) · 0xshin.hashnode.dev · Apr 14, 2024
SQLi Series - Basic Bypassing Techniques - 02
1. Introduction Now that we have a basic understanding of how SQL statements work, let's dive into SQL injection. Before executing entire SQL queries, we will learn how to modify the original query by injecting the OR operator and using SQL comments ...
CPTS Journey · #sqlinjection

0xshin (Pro) · 0xshin.hashnode.dev · Apr 11, 2024
SQLi Series - Intro to MySQL and SQL Injection - 01
What is MySQL? MySQL is a popular open-source relational database management system (RDBMS) that uses Structured Query Language (SQL). SQL Injection SQL Injection is a code injection technique that exploits vulnerabilities in the database layer of an...
CPTS Journey · mysql tutorial

Joel O. · joelodey.hashnode.dev · Apr 8, 2024
Lab: SQL injection attack, listing the database contents on non-Oracle databases
In this educational guide, we will explore the practical application of Burp Suite to identify and exploit SQL injection vulnerabilities, highlighting the importance of robust security practices. Step 1: Intercepting and Modifying Requests with Burp ...
PortSwigger SQL injection (SQLi) Labs · #sqlinjection

Mainul Hasan · hashnode.mmainulhasan.com · Apr 7, 2024
A Guide to Common Web Application Security Vulnerabilities and Mitigation
In today’s digital age, web applications have become central to the operations of businesses across the globe. At the same time, these applications offer unprecedented convenience and functionality but pose significant security risks. This blog post ...
#sqlinjection

Joel O. · joelodey.hashnode.dev · Apr 1, 2024
Lab: SQL injection UNION attack, retrieving data from other tables
In this educational guide, we will walk through the process of using Burp Suite to intercept and modify requests, focusing on the product category filter. Our objective is to unveil potential SQL injection vulnerabilities, understand the database str...
PortSwigger SQL injection (SQLi) Labs · SQLi

Joel O. · joelodey.hashnode.dev · Mar 25, 2024
Lab: SQL injection attack, querying the database type and version on Oracle
To exploit SQL injection, it's crucial to understand the structure of the database query. Use a payload to determine the number of columns returned by the query and identify columns containing text data. For instance, inject the following payload int...
PortSwigger SQL injection (SQLi) Labs · #sqlinjection