Awesome
Advanced SQL Injection Cheatsheet
This repository contains a advanced methodology of all types of SQL Injection.
General Process:
- Find injection point
- Understand the website behaviour
- Send queries for enumeration
- Understanding WAF & bypass it
- Dump the database
Cheat Sheet Tree
MySQL Injection Cheatsheet
- Error- or UNION-based SQLi
- Boolean-based (content-based) Blind SQLi
- Time Based SQLi
- Stabilise & Whitespace Filter Bypass
- Local File Inclusion (LFI)
- Privilege Escalation
PostgreSQL Injection Cheatsheet
- Error- or UNION-based SQLi
- Local File Inclusion (LFI) (Coming soon)
- Privilege Escalation (Coming soon)