Jan 20 · 4 min read · Introduction SQL injection remains one of the most damaging web vulnerabilities, even in 2026. Despite years of improvements such as ORMs, prepared statements, secure frameworks, and Web Application Firewalls, real-world systems still expose injectio...
Join discussion
Jul 10, 2025 · 2 min read · Scenario You are given access to a web application with basic protection mechanisms. Use the skills learned in this module to find the SQLi vulnerability with SQLMap and exploit it accordingly. To complete this module, find the flag and submit it her...
Join discussion
Jun 27, 2025 · 9 min read · Skills - Web Fuzzing - SQLMAP / SQLI - tar command / wildcar "*" Abusing (Extra) - find command sudo escalation privilage Reconocimiento Para comenzar, vamos a crear nuestro directorios de trabajo, para empezar con la fase de reconocimiento $ mkdir...
Join discussionFeb 6, 2025 · 5 min read · In the realm of web application security, identifying vulnerabilities like SQL injection is critical to protecting sensitive data. One of the most powerful tools in a pentester's arsenal is SQLMap, an open-source penetration testing tool designed to ...
Join discussion
Nov 3, 2024 · 1 min read · In this article, I will write a write-up for SQLMap: The Basics that covers SQL Injection Vulnerability, Automated SQL Injection Tool, and a Practical Exercise. This room was a bit complicated to me so I’ll share this LinkedIn article that has clear ...
Join discussion
Apr 24, 2024 · 3 min read · Objective: To provide a detailed, step-by-step guide on the various SQL injection types supported by SQLMap, enabling learners to understand and identify each type effectively. Introduction to SQLMap SQLMap is a powerful penetration testing tool for...
Join discussion
May 5, 2023 · 3 min read · Vấn đề Trong quá trình pentest, team mình có gặp phải trường hợp liên quan đến lỗ hổng SQL Injection qua WebSocket. Dù đã detect được thông Burp Suite nhưng team muốn exploit, dump database của con web thông SQLMap mà có một vấn đề là SQLMap chỉ có t...
Join discussion