Intigriti Jan 9, 2023

If you want to master SQL injections, open this thread!

SQL injection attacks are vulnerabilities that can allow attackers to access ANY data in a victim's database!🤯

A Thread 🧵👇

Show threadIntigriti Jan 9, 2023

[1️⃣] SQL injection by @PortSwigger

When talking about web vulnerabilities, PortSwigger academy is the place to go! Their labs offer a great way to practice your skills as well!

👇 https://portswigger.net/web-security/sql-injection

What is SQL Injection? Tutorial & Examples | Web Security Academy

In this section, we'll explain what SQL injection (SQLi) is, describe some common examples, explain how to find and exploit various kinds of SQL injection ...

Show threadIntigriti Jan 9, 2023

[2️⃣] Cheatsheet by @pentest_swissky

With so many different kinds of databases out there, you're definitely going to want a good cheatsheet to quickly look up what you need. PayloadsAllTheThings is perfect for that!

👇 https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/SQL%20Injection

PayloadsAllTheThings/SQL Injection at master · swisskyrepo/PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF - PayloadsAllTheThings/SQL Injection at master · swisskyrepo/PayloadsAllTheThings

GitHub
Show threadDROP\ TABLE Hacker of Earthsea
@Intigriti my payloads are actually from portswigger cheat sheet, they provide you with all the blocks to construct more advanced stuff. https://portswigger.net/web-security/sql-injection/cheat-sheet
SQL injection cheat sheet | Web Security Academy

This SQL injection cheat sheet contains examples of useful syntax that you can use to perform a variety of tasks that often arise when performing SQL ...

Jan 9, 2023 at 1:41pmWeb