SQLI-LABS 是一个专业的SQL注入练习平台


  1. Error Based Injections (Union Select)
    1. String
    2. Intiger
  2. Error Based Injections (Double Injection Based)
  3. BLIND Injections: 1.Boolian Based 2.Time Based
  4. Update Query Injection.
  5. Insert Query Injections.
  6. Header Injections. 1.Referer based. 2.UserAgent based. 3.Cookie based.
  7. Second Order Injections
  8. Bypassing WAF
    1. Bypassing Blacklist filters Stripping comments Stripping OR & AND Stripping SPACES and COMMENTS Stripping UNION & SELECT
    2. Impidence mismatch
  9. Bypass addslashes()
  10. Bypassing mysql_real_escape_string. (under special conditions)
  11. Stacked SQL injections.
  12. Secondary channel extraction