UsefulLinks
Computer Science
Cybersecurity
SQL Injection
1. Introduction to SQL Injection
2. SQL Fundamentals for Security Testing
3. SQL Injection Classification
4. SQL Injection Attack Methodology
5. Advanced SQL Injection Techniques
6. Database-Specific SQL Injection
7. Prevention and Defense Strategies
8. SQL Injection Testing Tools
9. Detection and Monitoring
10. Legal and Ethical Considerations
11. Real-World Case Studies
5.
Advanced SQL Injection Techniques
5.1.
Second-Order SQL Injection
5.1.1.
Stored Input Exploitation
5.1.2.
Multi-Stage Attack Execution
5.1.3.
Detection Challenges
5.1.4.
Common Scenarios
5.2.
Stacked Query Injection
5.2.1.
Multiple Statement Execution
5.2.2.
Database Support Requirements
5.2.3.
Semicolon Separator Usage
5.2.4.
Execution Limitations
5.3.
Filter and WAF Evasion
5.3.1.
Encoding Techniques
5.3.1.1.
URL Encoding
5.3.1.2.
Hexadecimal Encoding
5.3.1.3.
Unicode Encoding
5.3.1.4.
Base64 Encoding
5.3.1.5.
Double Encoding
5.3.2.
Obfuscation Methods
5.3.2.1.
Case Variation
5.3.2.2.
Comment Insertion
5.3.2.3.
Whitespace Manipulation
5.3.2.4.
String Concatenation
5.3.2.5.
Function Substitution
5.3.3.
Alternative Syntax Usage
5.3.3.1.
Database-Specific Quirks
5.3.3.2.
Non-Standard Functions
5.3.3.3.
Operator Alternatives
5.3.4.
Null Byte Injection
5.3.4.1.
Legacy System Exploitation
5.3.4.2.
String Termination Abuse
5.4.
NoSQL Injection Techniques
5.4.1.
MongoDB Injection
5.4.2.
CouchDB Injection
5.4.3.
Cassandra Injection
5.4.4.
Redis Injection
Previous
4. SQL Injection Attack Methodology
Go to top
Next
6. Database-Specific SQL Injection