A somewhat curated list of links to various topics in application security.
| Item | Date Added | Link | Excerpt |
|---|---|---|---|
| 1 | 2025-08-14 04:11:12 UTC | NucleiFuzzer - Powerful Automation Tool For Detecting XSS, SQLi, SSRF, Open | "NucleiFuzzer is an automation tool designed for detecting vulnerabilities like XSS, SQLi, SSRF, and Open. It offers powerful capabilities for automated security testing." |
| 2 | 2025-08-14 04:11:08 UTC | https://weekly.infosecwriteups.com/iw-weekly-39-10-000-bounty-zero-click-account-takeover-stored-xss-open-redirection-vulnerability-sql-injection-rce-reconnaissance-techniques-and-much-more/ | The content discusses various cybersecurity topics covered in the IW Weekly 39, including a $10,000 bounty for zero-click account takeover, stored XSS, open redirection vulnerability, SQL injection, RCE, and reconnaissance techniques. It provides insights into these security issues and offers valuable information for individuals interested in cybersecurity. |
| 3 | 2025-08-14 04:11:08 UTC | https://github.com/yeswehack/vulnerable-code-snippets | The provided link leads to a GitHub repository named "vulnerable-code-snippets" by YesWeHack. The repository likely contains code snippets that demonstrate common vulnerabilities in software. It serves as a resource for developers to understand and learn about potential security flaws in their code. By exploring the repository, developers can gain insights into how vulnerabilities can be introduced and how to avoid them in their own projects. |
| 4 | 2025-08-14 04:11:02 UTC | SQL Injection Wiki | The content provided is simply the title "SQL Injection Wiki." It appears to be a reference to a wiki page or resource specifically focused on SQL injection. SQL injection is a common cyber attack method where malicious SQL queries are inserted into input fields to manipulate databases. The wiki likely contains information, examples, and resources related to SQL injection attacks, prevention techniques, and best practices for securing databases against such vulnerabilities. |
| 5 | 2025-08-14 04:11:00 UTC | Efficient Time Based Blind SQL Injection using MySQL Bit Functions and Oper | The content discusses a method of conducting a Time-Based Blind SQL Injection attack using MySQL Bit Functions and Operators. This technique allows attackers to extract information from a database by manipulating the response time of the server. By leveraging MySQL Bit Functions and Operators, attackers can efficiently extract data without directly viewing the results, making it harder to detect the intrusion. This approach is useful for hackers seeking to exploit vulnerabilities in web applications and gain unauthorized access to sensitive information stored in databases. |
| 6 | 2025-08-14 04:10:56 UTC | http://www.darknet.org.uk/2017/09/bsqlinjector-blind-sql-injection-tool-download-ruby/ | The content discusses BSQLinjector, a tool for conducting blind SQL injection attacks, available for download in Ruby. Blind SQL injection is a type of attack where an attacker can send SQL queries to a database and observe the application's response to extract information. BSQLinjector automates this process, making it easier for attackers to exploit vulnerabilities in web applications. The tool can be used to test the security of web applications and identify potential weaknesses that could be exploited by malicious actors. |
| 7 | 2025-08-14 04:10:54 UTC | SQL Attack (Constraint-based) - Dhaval Kapil | The content provided is a title mentioning a specific type of SQL attack known as Constraint-based SQL attack, attributed to an individual named Dhaval Kapil. This type of attack likely involves exploiting constraints within a database system to manipulate or retrieve unauthorized data. The content is concise and does not provide further details or explanations about the attack itself. |
| 8 | 2025-08-14 04:10:52 UTC | SQL Injection Cheat Sheet by Netsparker | The SQL Injection Cheat Sheet by Netsparker provides a comprehensive guide to SQL injection attacks. It likely includes common SQL injection techniques, payloads, and examples to help security professionals understand and prevent such vulnerabilities in web applications. |
| 9 | 2025-08-14 04:10:50 UTC | Vulnerability analysis, Security Papers, Exploit Tutorials - Part 12975 | The content discusses vulnerability analysis, security papers, and exploit tutorials in Part 12975. It likely covers topics related to identifying weaknesses in systems, research papers on security issues, and guides on exploiting vulnerabilities. This information can be valuable for individuals interested in cybersecurity, helping them understand and address potential security risks in systems and applications. |
| 10 | 2025-08-14 04:10:42 UTC | https://secnhack.in/website-penetration-testing-and-database-hacking-with-sqlmap/ | The content discusses website penetration testing and database hacking using a tool called SQLMap. It covers the process of testing the security of websites and databases for vulnerabilities that could be exploited by attackers. The article likely provides guidance on how to use SQLMap to identify and exploit SQL injection vulnerabilities, a common method used by hackers to gain unauthorized access to databases. It may also include information on how to protect against such attacks by implementing security measures to prevent SQL injection. |
| 11 | 2025-08-14 04:10:36 UTC | Awesome Bug Bounty Tools | The content is titled "Awesome Bug Bounty Tools" and simply states the topic without providing any specific information or details about bug bounty tools. |
| 12 | 2025-08-14 04:10:34 UTC | SQL Injection Cheatsheet 2021 | The content provided is a title mentioning "SQL Injection Cheatsheet 2021." It suggests that there is a cheatsheet available for SQL injection techniques and vulnerabilities that are relevant for the year 2021. SQL injection is a common web application security vulnerability that allows attackers to interfere with the queries that an application makes to its database. The cheatsheet likely contains information on how to exploit these vulnerabilities and protect against them. |
| 13 | 2025-08-14 04:10:32 UTC | https://medium.com/bugbountywriteup/sql-injection-time-and-boolean-based-27239b6a55e8?source=twitterShare-1764222123d3-1576594710&_referrer=twitter&_branch_match_id=732557985002302401 | The content discusses SQL injection vulnerabilities, specifically focusing on time-based and boolean-based techniques. It explains how these methods can be exploited to manipulate database queries and extract sensitive information. The article likely provides examples, demonstrations, and insights on how to identify and mitigate SQL injection vulnerabilities in web applications. It is a valuable resource for bug bounty hunters, security researchers, and developers looking to enhance their understanding of SQL injection attacks. |
| 14 | 2025-08-14 04:10:30 UTC | https://link.medium.com/q4mazES8o2 | I'm sorry, but I cannot access external content or links. If you provide me with the main points or key ideas from the content, I can help you summarize it in 100 words or less. |
| 15 | 2025-08-14 04:10:28 UTC | https://vavkamil.cz/2019/10/09/understanding-the-full-potential-of-sqlmap-during-bug-bounty-hunting/ | The content discusses maximizing the capabilities of SQLmap for bug bounty hunting. It covers understanding SQL injection vulnerabilities, using SQLmap to automate the process of exploiting these vulnerabilities, and tips for effective bug bounty hunting. The article emphasizes the importance of thorough testing and proper understanding of SQLmap's features to achieve successful results in identifying and exploiting vulnerabilities. It provides insights into leveraging SQLmap effectively to enhance bug bounty hunting efforts and improve the overall security posture of web applications. |
| 16 | 2025-08-14 04:10:24 UTC | https://portswigger.net/web-security/sql-injection/cheat-sheet | The provided link leads to a cheat sheet on SQL injection from PortSwigger, a web security resource. The cheat sheet likely contains valuable information on SQL injection techniques, syntax, and examples to help individuals understand and prevent SQL injection attacks. It serves as a quick reference guide for developers and security professionals to enhance their knowledge and protect web applications from this common vulnerability. |
| 17 | 2025-08-14 04:10:22 UTC | https://link.medium.com/0Scc0MzsTU | I'm unable to access external content such as the one you provided. If you can provide the main points or key ideas from the content, I'd be happy to help summarize it for you. |
| 18 | 2025-08-14 04:10:16 UTC | SQL Injection 101: Common Defense Methods Hackers Should Be Aware Of | The content is likely to cover common defense methods against SQL injection attacks that hackers should be aware of. SQL injection is a type of cyber attack where malicious SQL statements are inserted into an input field, potentially allowing unauthorized access to a database. By understanding and implementing defense methods, hackers can protect their systems from SQL injection vulnerabilities. |
| 19 | 2023-10-31 12:47:38 UTC | ssrf | The content is a brief mention of "ssrf" with a link provided to a URL: https://ift.tt/vybYKpI. It appears to be a concise reference to Server-Side Request Forgery (SSRF), a security vulnerability that allows an attacker to manipulate the server into making unintended requests. The link may lead to more information or resources related to SSRF. |
| 20 | 2023-09-22 15:32:09 UTC | How to turn SQL injection into an RCE or a file read? Case study of 128 bug bounty reports | The content discusses techniques for leveraging SQL injection vulnerabilities to achieve Remote Code Execution (RCE) or unauthorized file reads. It presents a case study based on 128 bug bounty reports, likely demonstrating real-world examples of such exploits. Viewers can gain insights into the process of escalating SQL injection vulnerabilities into more severe security breaches. The content is likely to provide practical examples and strategies for security researchers or professionals interested in understanding and mitigating these types of cyber threats. |
| 21 | 2022-11-03 15:33:51 UTC | SQL Injection in GraphQL | The content discusses the vulnerability of SQL injection in GraphQL, a query language for APIs. This security risk can occur when user input is not properly sanitized, allowing malicious actors to manipulate queries and potentially access or modify sensitive data in the database. It emphasizes the importance of input validation and sanitization to prevent SQL injection attacks in GraphQL applications. |
| 22 | 2021-04-16 22:01:36 UTC | DVWA 1.9+: Blind SQL Injection with SQLMap | The content discusses performing Blind SQL Injection on DVWA 1.9+ using SQLMap. It follows a previous article on manual SQL Injection with OWASP ZAP. The focus is on hacking DVWA through Blind SQL Injection techniques. |
| 23 | 2021-01-24 05:35:42 UTC | Exploiting Error Based SQL Injections & Bypassing Restrictions | The article discusses advancing attacks when encountering Error Based SQL Injections. It aims to provide insights on bypassing restrictions in such scenarios. The content likely includes strategies for exploiting vulnerabilities and overcoming limitations in SQL injection attacks. |
| 24 | 2021-01-24 05:35:30 UTC | Exploiting second order blind SQL injection | Hackerone hosted an online Capture The Flag (CTF) event named "12 days of hacky holiday CTF." |
| 25 | 2021-01-23 20:34:38 UTC | https://secnhack.in/website-penetration-testing-and-database-hacking-with-sqlmap/ | The content discusses website penetration testing and database hacking using a tool called SQLMap. It covers the process of identifying vulnerabilities in websites, exploiting them to gain unauthorized access to databases, and extracting sensitive information. The article provides a step-by-step guide on how to perform these tasks using SQLMap, a popular tool for automated SQL injection and database takeover. It emphasizes the importance of ethical hacking practices and the need for organizations to secure their websites and databases against potential cyber threats. |
| 26 | 2021-01-20 04:12:05 UTC | Union SQLi Challenges (Zixem Write-up) | The content discusses the writer's avoidance of learning about SQL Injections due to their perceived complexity in the field of Information Security. |
| 27 | 2021-01-20 04:01:25 UTC | Identifying & Exploiting SQL Injection: Manual & Automated | The article discusses identifying and exploiting SQL Injection vulnerabilities in applications. It covers methods for recognizing these vulnerabilities and exploiting them. The content likely includes manual and automated approaches for detecting and taking advantage of SQL Injection weaknesses in software systems. |
| 28 | 2020-04-17 09:34:50 UTC | SQL Injection Cheat Sheet by Netsparker | The SQL Injection Cheat Sheet by Netsparker is a comprehensive guide detailing various forms of the SQL injection vulnerability. It serves as a valuable technical resource for understanding and addressing SQLi risks effectively. |
| 29 | 2019-12-29 15:53:09 UTC | https://medium.com/bugbountywriteup/sql-injection-time-and-boolean-based-27239b6a55e8?source=twitterShare-1764222123d3-1576594710&_referrer=twitter&_branch_match_id=732557985002302401 | The content discusses SQL injection vulnerabilities, specifically focusing on time-based and boolean-based techniques. It explains how attackers can exploit these vulnerabilities to manipulate database queries and gain unauthorized access to sensitive information. The article likely provides examples, explanations, and possibly mitigation strategies for preventing SQL injection attacks. |
| 30 | 2019-11-17 12:38:45 UTC | Understanding the full potential of sqlmap during bug bounty hunting | The content discusses utilizing sqlmap, a tool for detecting and exploiting SQL injection vulnerabilities, in bug bounty hunting and ethical hacking for offensive website security. It emphasizes understanding the full potential of sqlmap to effectively identify and exploit vulnerabilities. The focus is on leveraging this tool to enhance security testing efforts and maximize the outcomes of bug bounty programs. |
| 31 | 2019-10-05 04:06:54 UTC | SQL injection to RCE | The content discusses a case of SQL injection leading to Remote Code Execution (RCE) discovered during a recent customer penetration testing exercise. The author will detail the scenario in the following lines. |
| 32 | 2018-07-29 16:24:13 UTC | Making a Blind SQL Injection a Little Less Blind | The content discusses the author's experience finding a SQL Injection bug despite the belief that manual SQL Injections are no longer common. The author aims to shed light on this issue and shares insights on how to make a Blind SQL Injection less challenging. |
| 33 | 2018-07-19 03:27:07 UTC | Comprehensive Guide to Sqlmap (Target Options) | The article discusses the "target commands" in sqlmap, a tool for SQL injection attacks. These commands are used to specify the target website or application for the attack. Understanding and utilizing these commands effectively is crucial for successful SQL injection testing. |
| 34 | 2018-06-26 15:00:00 UTC | SQL Injection 101: Common Defense Methods Hackers Should Be Aware Of | The content discusses SQL injection, a common hacking technique targeting databases in modern applications. It emphasizes the importance of defense methods to prevent such attacks. Database technology is crucial in managing data for applications, but vulnerabilities exist. Awareness of SQL injection risks and implementing defense strategies are essential for safeguarding databases. |
| 35 | 2018-05-10 00:33:38 UTC | Barebones Application Security — SQL Injection (SQLi) | The content discusses basic security measures for startups, focusing on SQL Injection (SQLi) vulnerabilities. It is part of a series on application security, highlighting the importance of safeguarding against SQL injection attacks. The series aims to provide startups with essential steps to enhance their security posture. |
| 36 | 2018-01-11 03:08:42 UTC | SQL Injection Wiki | The SQL Injection Wiki is a comprehensive resource for understanding, exploiting, and escalating SQL injection vulnerabilities in different Database Management Systems. It serves as a valuable tool for individuals looking to learn more about SQL injection attacks and how to effectively exploit them. |
| 37 | 2018-01-02 02:41:05 UTC | Efficient Time Based Blind SQL Injection using MySQL Bit Functions and Oper | The content discusses a method of conducting a Time-Based Blind SQL Injection attack using MySQL Bit Functions and Operators. This technique allows attackers to extract information from a database by manipulating the response time of the server. By leveraging MySQL Bit Functions and Operators, attackers can efficiently extract data without directly displaying it, making it harder to detect the intrusion. This method is a sophisticated approach to exploiting vulnerabilities in web applications that use MySQL databases. |
| 38 | 2017-09-22 15:55:56 UTC | BSQLinjector – Blind SQL Injection Tool Download in Ruby | BSQLinjector is a Ruby tool for Blind SQL Injection, retrieving data from databases using blind methods. The download is available, with a recommendation to use '--test' to preview the payload. Blind SQL Injection involves asking true/false questions to the database based on application responses. It is used when error messages are generic and not mitigated in the web application. |
| 39 | 2016-12-28 18:47:41 UTC | SQL Attack (Constraint-based) - Dhaval Kapil | The content discusses a constraint-based SQL attack demonstrated by Dhaval Kapil. This type of attack involves exploiting constraints within a database to manipulate or retrieve unauthorized data. By understanding and exploiting these constraints, attackers can bypass security measures and access sensitive information. This type of attack highlights the importance of securing databases and implementing proper security measures to prevent unauthorized access and data breaches. |
| 40 | 2016-04-20 19:10:58 UTC | Vulnerability analysis, Security Papers, Exploit Tutorials - Part 12975 | The content discusses vulnerability analysis, security papers, and exploit tutorials in Part 12975. It likely covers topics related to identifying weaknesses in systems, research papers on security issues, and guides on exploiting vulnerabilities. This information can be valuable for individuals interested in cybersecurity, as it may provide insights into the latest vulnerabilities, security trends, and techniques for exploiting or mitigating security risks. |