SQL Injection

It is an attack technique used to attack database-based applications; where the attacker takes advantage of SQL language features and adds new SQL statements to the corresponding field on the standard application screen.

https://www.netsparker.com/blog/web-security/sql-injection-vulnerability/
https://www.neuralegion.com/blog/sql-injection-payloads/
https://github.com/payloadbox/sql-injection-payload-list

Login

Try to login to the system.

Find the Passwords

Access the passwords in the Database.

Boolean-Based Blind SQL Injection

Use brute force to guess existing database records.

Error-Based Blind SQL Injection

Use SQL injection to find existing database records.

Time-Based Blind SQL Injection

Injecting a time delay to find SQL injection.