SQL Injection - Quick Notes
1. What is SQL Injection?
SQL Injection (SQLi) is a web security vulnerability that allows attackers to interfere with queries
made to the database.
2. Types of SQL Injection
- In-Band SQLi: Error-based, Union-based.
- Blind SQLi: Boolean-based, Time-based.
- Out-of-Band SQLi: Uses external channels like DNS or HTTP requests.
3. Common Payloads
- `' OR '1'='1` (bypass login)
- `UNION SELECT username, password FROM users`
- `1; DROP TABLE users--`
4. Prevention Techniques
- Use Parameterized Queries (Prepared Statements).
- Employ Stored Procedures.
- Validate & sanitize user inputs.
- Implement Least Privilege for database accounts.
- Use Web Application Firewalls (WAFs).
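
The first prevention technique next to the flaw it fixes, as an added example (not part of the original notes): a login check built by string concatenation versus the same check with a parameterized query, both given the `' OR '1'='1` payload from section 3. The in-memory SQLite database, the `users` table contents and the function names are assumptions made for the illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data (in-memory database, nothing touches disk).
    # The password is stored in plaintext only to keep the demo short.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return db

def login_vulnerable(db, username, password):
    # Input is pasted into the SQL text, so a quote in it changes the
    # structure of the query instead of being compared as a value.
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone() is not None

def login_parameterized(db, username, password):
    # The SQL text is fixed; the driver binds the input strictly as data.
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None

def demo():
    db = make_db()
    payload = "' OR '1'='1"  # first payload listed in section 3
    return {
        # WHERE becomes (username='alice' AND password='') OR '1'='1'
        "vulnerable_accepts_payload": login_vulnerable(db, "alice", payload),
        "parameterized_accepts_payload": login_parameterized(db, "alice", payload),
        "parameterized_accepts_valid": login_parameterized(db, "alice", "s3cret"),
        "parameterized_accepts_wrong": login_parameterized(db, "alice", "nope"),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```
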
5. Testing Tools
- SQLMap (automated testing).
- Burp Suite.
- Manual payload crafting.
Pro Tip: Always test responsibly on authorized systems, never on live apps without permission.