SQL INJECTION is a web application vulnerability in which we giving such type of input so that it can communicate with the web site database and give output according to our inserted query.
We have 4 steps to find the SQL Injection.
1. Find the INJECTION POINT.
2. IDENTIFY VULNERABILITY.
3. BALANCE THE QUERY.
4. INJECT SQLI QUERIES or PAYLOAD.
LET’S UNDERSTAND THESE 4 STEPS ONE BY ONE
STEP 1. FIND THE INJECTION POINT
Find the type of input that is communicated with the database of the website and give output according to our query.
1. GET BASED
Ethical Hacker | Penetration Tester