Welcome
SQLinjection.net is a free online reference about SQL injection attacks. We provide a complete tutorial about this security issue, examples and techniques to secure you application. You don’t know where to start? Here are the sections you should take a look at.
The basics
What is SQL injection, what are the risks associated with this security issue, how popular is it and where can it be found?
Tutorial
Learn how to detect SQL injection flaws and find out how it is used by attackers to extract sensible information from database.
Avoid SQL Injection
Everything you need to know to secure your websites, applications and database servers against SQL injections.
Advanced
Learn advanced techniques used by professional pen-testers to find SQL injections flaws, exploit them and gain complete control over the database.
Information Security
SQL injection attacks are gaining in popularity and it becomes really important for anyone working with databases to understand what this security issue is, how it works and how dangerous it can be.
Since most documentation about the topic is either very limited or really advanced, this website aims to provide a good and complete reference for a broad audience. By the same occasion, it tries to raise awareness of IT professionals about the importance of SQL injection and the severity of this misunderstood and overlooked vulnerability.
This website presents different ways to exploit a SQL injection from the attacker perspective in order to illustrate what is vulnerable and why. It also explains how system administrators and developers should proceed in order to avoid SQL injection flaw and minimize impacts if some vulnerability is found by a hacker.
Simulation Environment
You want to apply what you learned on this website? We provide a free simulation environment for you to pratice SQL injection attacks.
Deploying this simulation environment on your computer will not put your system at risk and it does not require particular skills. You should be able to set it up within a few minutes! To learn more refer to the SQL injection testing environment section.
Spread the Word
Help us sensitize more people about SQL injection!