SQLI labs

https://github.com/vulnspy/sqli-labs
vulnspy 发布于 2020年04月24日

SQLI-LABS is a platform to learn SQLI Following labs are covered for GET and POST scenarios:

  1. Error Based Injections (Union Select)

    1. String
    2. Intiger
  2. Error Based Injections (Double Injection Based)

  3. BLIND Injections: 1.Boolian Based 2.Time Based

  4. Update Query Injection.

  5. Insert Query Injections.

  6. Header Injections. 1.Referer based. 2.UserAgent based. 3.Cookie based.

  7. Second Order Injections

  8. Bypassing WAF

    1. Bypassing Blacklist filters Stripping comments Stripping OR & AND Stripping SPACES and COMMENTS Stripping UNION & SELECT
    2. Impidence mismatch
  9. Bypass addslashes()

  10. Bypassing mysql_real_escape_string. (under special conditions)

  11. Stacked SQL injections.

  12. Secondary channel extraction

GitHub Source

https://github.com/vulnspy/sqli-labs

Reference

Audi-1/sqli-labs - https://github.com/Audi-1/sqli-labs
AUDI'S Sqli-Labs Series - http://www.securitytube.net/user/Audi
SQLi-LABS on Facebook - https://www.facebook.com/sqlilabs

举报/反馈

发布评论 Admin

进行中...
进行中...
START TO HACK
点击上方按钮启动在线环境
Copyright © 2020 VSPlate
2b5919e9ee22683512b94d9bd046dd3d