SQLI labs


SQLI-LABS is a platform to learn SQLI Following labs are covered for GET and POST scenarios:

  1. Error Based Injections (Union Select)

    1. String
    2. Intiger
  2. Error Based Injections (Double Injection Based)

  3. BLIND Injections: 1.Boolian Based 2.Time Based

  4. Update Query Injection.

  5. Insert Query Injections.

  6. Header Injections. 1.Referer based. 2.UserAgent based. 3.Cookie based.

  7. Second Order Injections

  8. Bypassing WAF

    1. Bypassing Blacklist filters Stripping comments Stripping OR & AND Stripping SPACES and COMMENTS Stripping UNION & SELECT
    2. Impidence mismatch
  9. Bypass addslashes()

  10. Bypassing mysql_real_escape_string. (under special conditions)

  11. Stacked SQL injections.

  12. Secondary channel extraction

GitHub Source

https://github.com/vulnspy/sqli-labs

Reference

Audi-1/sqli-labs - https://github.com/Audi-1/sqli-labs
AUDI'S Sqli-Labs Series - http://www.securitytube.net/user/Audi
SQLi-LABS on Facebook - https://www.facebook.com/sqlilabs

All rights reserved. © 2018 VULNSPY