SQL INJECTION is a web application vulnerability in which we giving such type of input so that it can communicate with the web site database and give output according to our inserted query.

HOW TO FIND SQL INJECTION BY MANUALLY

We have 4 steps to find the SQL Injection.

1. Find the INJECTION POINT.

2. IDENTIFY VULNERABILITY.

3. BALANCE THE QUERY.

4. INJECT SQLI QUERIES or PAYLOAD.

LET’S UNDERSTAND THESE 4 STEPS ONE BY ONE

STEP 1. FIND THE INJECTION POINT

Find the type of input that is communicated with the database of the website and give output according to our query.

For Example

1. GET BASED

Mr Void

Ethical Hacker | Penetration Tester

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store