I’ve written before about using sqlmap to perform sql injection testing against a website. It is also possible to use sqlmap to connect directly against a database. In this post I will show you how to use sqlmap to connect directly to Azure SQL Database. Once connected you can enumerate objects, open a shell, or … Read more
SQL injection is a common form of data theft. I am hopeful we can make SQL injection protection more common. The 2018 TrustWave Global Security Report listed SQL Injection as the second most common technique for web attacks, trailing only cross-site scripting (XSS) attacks. This is a 38% increase from the previous year. That same … Read more
I use sqlmap to test websites for SQL injection vulnerabilities. The tool is quite versatile, too. Here’s just a brief list of capabilities.
