mirror of
https://github.com/0x5t4l1n/hunting.git
synced 2026-05-26 11:35:51 +00:00
copilot-swe-agent[bot]
ba72efbc5e
Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>
658 B
658 B
SQL Injection
Description
SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. This can allow an attacker to view, modify, or delete data that they are not normally able to retrieve.
Common Attack Vectors
- Login forms
- Search fields
- URL parameters
- HTTP headers
- Cookie values
Testing Approach
Submit malicious SQL syntax in input fields and observe application behavior, error messages, and response times to identify SQL injection vulnerabilities.
Payloads
See sql-injection-payloads.txt for a comprehensive list of SQL injection payloads.