sql-injection-attacks

🎯 SQL Injection Payload List

SQL Injection Payload List

✈️ An enterprise level Flight Booking System for Turkish Airlines (web-application) based on the Model View Controller (MVC) Architecture made using Java Servlets, Java Server Pages (JSPs). Moreover authentication and authorization for users is implemented. The web-application is also secured against SQL Injection and Cross-Site Scripting attacks.

SQL Injection Vulnerability Scanner made with Python

Learning and hunting SQL injection bugs for 50 continuous days

Contraband filtering reverse proxy for plain http and SSL.

Secure Systems possessing SQL Injection Vulnerability

SQL Injection attack is the most common website hacking technique. Most websites use Structured Query Language (SQL) to interact with databases. SQL allows the website to create, retrieve, update, and delete database records. It used for everything from logging a user into the website to storing details of an eCommerce transaction. An SQL injection attack places SQL into a web form in an attempt to get the application to run it. For example, instead of typing plain text into a username or password field, a hacker may type in ‘ OR 1=1. If the application appends this string directly to an SQL command that is designed to check if a user exists in the database, it will always return true. This can allow a hacker to gain access to a restricted section of a website. Other SQL injection attacks can be used to delete data from the database or insert new data. Hackers sometimes use automated tools to perform SQL injections on remote websites. They will scan thousands of websites, testing many types of injection attacks until they are successful. SQL injection attacks can be prevented by correctly filtering user input. Most programming languages have special functions to safely handle user input that is going to be used in an SQL query.

PHPmvs is an old tool i wrote to test common web apps and server vulnerabilities

SQL Map in CORE JAVA

We are going to go through some techniques and common PHP use cases for Website Security. Website security is often overlooked- and that’s understandable, but basic security can be put down to lots of techniques.

sqlmap cheat sheet

Some vulnerables docker webapps

SQL Injection exploit 💉

It is a SQL injection vulnerable project with demonstration. It is developed using PHP and MySQL technologies. It also contains a youtube link where fully demonstrated SQL Injection.

Format SQL-Queries to avoid SQL-Injections - For Node-RED

It provides a vulnerable webserver (Apache) with html and php related scripts to configure the server. Also, some possible solutions are given to break the system.

Convenience wrapper around the sqlmap SQL injection tool to help with automation

Los(Lord of SQLinjection)에서의 문제를 풀고 정리하는 repo