-
Notifications
You must be signed in to change notification settings - Fork 78
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Active Test / SQLI #73
Labels
New active check
New active check
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application.
The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.
The check has to simulate a SQL Injection on every Method/Endpoint where parameter should be vulnerable.
For more info :
https://book.hacktricks.xyz/pentesting-web/sql-injection
The text was updated successfully, but these errors were encountered: