SQL Injection Methodology
#methodology #payloads #sqli
Commands
subfinder -d example.com -all -silent | httpx-toolkit -td -sc -silent | grep -Ei 'asp|php|jsp|jspx|aspx'
Single-domain reconnaissance for potentially SQL-injectable endpoints
subfinder -dL subdomains.txt -all -silent | httpx-toolkit -td -sc -silent | grep -Ei 'asp|php|jsp|jspx|aspx'
Multiple subdomain reconnaissance for SQL injection testing
Tips & Best Practices
Always test for different SQL database types (MySQL, PostgreSQL, Oracle, MSSQL)
Use time-based payloads when blind SQL injection is suspected
Test all input parameters, including headers and cookies
Start with low-risk payloads before increasing complexity
Monitor response times carefully for time-based injections
Document all findings and successful payloads
Use different encoding techniques to bypass WAF
Always get proper authorization before testing
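
The tips above on time-based payloads, response times, headers and cookies, and encoding, seen from the detection side: an added example (not part of the original page) that scans parsed request records for database delay functions after undoing nested URL encoding, and marks hits whose latency also crossed a threshold. The record schema, the signature set and the 3000 ms threshold are assumptions, and the sample records are constructed.

```python
import re
from urllib.parse import unquote_plus

# Delay primitives per DBMS (assumed, non-exhaustive signature set).
DELAY_SIGNATURES = {
    "MySQL": re.compile(r"\b(?:sleep|benchmark)\s*\(", re.I),
    "PostgreSQL": re.compile(r"\bpg_sleep\s*\(", re.I),
    "MSSQL": re.compile(r"\bwaitfor\s+delay\b", re.I),
    "Oracle": re.compile(r"\bdbms_(?:lock\.sleep|pipe\.receive_message)\s*\(", re.I),
}

def normalize(value, max_rounds=3):
    """Undo nested URL encoding so signatures see what the application sees."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def scan(records, slow_ms=3000):
    """Flag delay primitives in query, header and cookie values."""
    findings = []
    for rec in records:
        for location in ("query", "headers", "cookies"):
            for name, raw in rec.get(location, {}).items():
                text = normalize(raw)
                for dbms, sig in DELAY_SIGNATURES.items():
                    if sig.search(text):
                        # delayed=True: latency also matches, so the delay likely executed
                        findings.append({"path": rec["path"], "location": location,
                                         "param": name, "dbms": dbms,
                                         "delayed": rec["ms"] >= slow_ms})
    return findings

# Constructed sample records (hypothetical schema: parsed request fields + latency in ms).
RECORDS = [
    {"path": "/item.php", "ms": 5100, "query": {"id": "SLEEP%25285%2529"},
     "headers": {"User-Agent": "Mozilla/5.0"}, "cookies": {}},
    {"path": "/login.aspx", "ms": 40, "query": {},
     "headers": {"X-Forwarded-For": "pg_sleep%285%29"}, "cookies": {}},
    {"path": "/cart.jsp", "ms": 5030, "query": {}, "headers": {},
     "cookies": {"session": "WAITFOR+DELAY+%270%3A0%3A5%27"}},
    {"path": "/search.php", "ms": 3500, "query": {"q": "sleep+tracker+app"},
     "headers": {}, "cookies": {}},
]

if __name__ == "__main__":
    print(*scan(RECORDS), sep="\n")
```

A hit with delayed set to False is a probe that did not take effect; a hit with delayed set to True deserves priority review because the response time matches the requested delay.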