CodeNewbie Community


Posted on

What is SQL injection?

Learn the SQL injection technique of attack, types of SQL injection and the tools used, how to detect SQL injection, tools used for wireless network hacking and mobile platform hacking.

A SQL Injection is the point at which an aggressor executes invalid or danger SQL explanations where it is utilized to control the data set worker of a web application. It is utilized to adjust, add or erase the records in the data set without the client's information. This trade offs the information trustworthiness. Quite possibly the main advance to stay away from SQL infusion is input approval. You can be expert in avoiding these types of attacks if you have proper knowledge in Cyber Security. You can get it by enrolling in any courses in Cyber Security online.

Types of SQL Injection:
There are different types of SQL Injection attacks such as –

Classic or In-band SQL Injection
Error-based – Attacker uses the error generated by database to attack the
Union-based – Leverages UNION SQL operator to combine to a response to return to HTTP response.
Blind or Inferential SQL Injection
Boolean-based – Based on TRUE or FALSE return
Time-based – Sends SQL injection that forces database to wait before responding.
Out-of-band SQL Injection – It occurs when the attacker cannot use the same channel to attack and gather results.
Tools for SQL injection:
There are few tools used for SQL injection attack such as –

SQLMap – It is used for automatic SQL Injection And it is a Database Takeover Tool
Blind-Sql-BitShifting – It is a blind SQL Injection using BitShifting
jSQL Injection – It is a java tool used for automatic SQL Database Injection
BBQSQL – It is a blind SQL Injection Exploitation Tool
Whitewidow – Scanning tool for vulnerability of SQL Database
explo – It is a human And Machine-Readable Web Vulnerability Testing Format
Leviathan – It is a wide range audit toolkit
Blisqy – It is used to exploit time-based blind-SQL injection in HTTP-Headers

Discussion (0)