If you want to master SQL injections, open this thread!
SQL injection attacks are vulnerabilities that can allow attackers to access ANY data in a victim's database!π€―
A Thread π§΅π
SQL injection attacks are vulnerabilities that can allow attackers to access ANY data in a victim's database!π€―
A Thread π§΅π
[1οΈβ£] SQL injection by @PortSwigger
When talking about web vulnerabilities, PortSwigger academy is the place to go! Their labs offer a great way to practice your skills as well!
π portswigger.net/web-security/sβ¦
When talking about web vulnerabilities, PortSwigger academy is the place to go! Their labs offer a great way to practice your skills as well!
π portswigger.net/web-security/sβ¦
[2οΈβ£] Cheatsheet by @pentest_swissky
With so many different kinds of databases out there, you're definitely going to want a good cheatsheet to quickly look up what you need. PayloadsAllTheThings is perfect for that!
π github.com/swisskyrepo/Paβ¦
With so many different kinds of databases out there, you're definitely going to want a good cheatsheet to quickly look up what you need. PayloadsAllTheThings is perfect for that!
π github.com/swisskyrepo/Paβ¦
[3οΈβ£] Hacking with SQLi by @secaura_
This is one of the BEST videos out there on SQL injections. I've never had so much fun whilst learning!
π
This is one of the BEST videos out there on SQL injections. I've never had so much fun whilst learning!
π
[4οΈβ£] Sqlmap by @bdamele and @stamparm
SQLmap is THE tool when it comes to finding SQL injections. There is just nothing there that comes even close to what sqlmap can do!
π sqlmap.org
SQLmap is THE tool when it comes to finding SQL injections. There is just nothing there that comes even close to what sqlmap can do!
π sqlmap.org
[5οΈβ£] Sqlmap in Burp by @codewatchorg
This BurpSuite extension allows you to launch SQLMap scans from within Burp, and it's amazing!
π portswigger.net/bappstore/f154β¦
This BurpSuite extension allows you to launch SQLMap scans from within Burp, and it's amazing!
π portswigger.net/bappstore/f154β¦
[6οΈβ£] Hackademy by @intigriti and @PascalSec
Intigriti has their own Hackademy explaining vulnerabilities, such as this article on SQL injections. It even comes with a bunch of great videos!
π blog.intigriti.com/hackademy/sql-β¦
Intigriti has their own Hackademy explaining vulnerabilities, such as this article on SQL injections. It even comes with a bunch of great videos!
π blog.intigriti.com/hackademy/sql-β¦
[7οΈβ£] SQLi Prevention by @owasp
Knowing how to prevent vulnerabilities is a great asset for any bug bounty hunters. Spotting secure patterns can greatly help you hunt more efficiently!
π cheatsheetseries.owasp.org/cheatsheets/SQβ¦
Knowing how to prevent vulnerabilities is a great asset for any bug bounty hunters. Spotting secure patterns can greatly help you hunt more efficiently!
π cheatsheetseries.owasp.org/cheatsheets/SQβ¦
[8οΈβ£] Writeup by @OmarHashem666
One of the best ways to get better at something is to learn from the experts, from the people who have done it. This writeup is a great way to learn!
π infosecwriteups.com/how-i-found-muβ¦
One of the best ways to get better at something is to learn from the experts, from the people who have done it. This writeup is a great way to learn!
π infosecwriteups.com/how-i-found-muβ¦
[9οΈβ£] Finding an unseen SQL Injection by bypassing escape functions in mysqljs/mysql by @flatt_security
This blog post blew our minds! Flatt_security were able to bypass the escape functions in one of the most used nodeJS SQL libraries!
π flattsecurity.medium.com/finding-an-unsβ¦
This blog post blew our minds! Flatt_security were able to bypass the escape functions in one of the most used nodeJS SQL libraries!
π flattsecurity.medium.com/finding-an-unsβ¦
[π] SQLi Lab on @RealTryHackMe
TryHackMe is a great platform to practice your skills, definitely check out this great room on SQL injections!
π tryhackme.com/room/sqlilab
TryHackMe is a great platform to practice your skills, definitely check out this great room on SQL injections!
π tryhackme.com/room/sqlilab
That's all for this thread! π§΅
You've learned enough to go out there and find some SQL injections! π©βπ»
Do you know any more resources? Be sure to share them in the comments! π₯
And if you want more of these threads, be sure to leave a like π
You've learned enough to go out there and find some SQL injections! π©βπ»
Do you know any more resources? Be sure to share them in the comments! π₯
And if you want more of these threads, be sure to leave a like π
β’ β’ β’
Missing some Tweet in this thread? You can try to
force a refresh
γ
