Before we are doing the injection consult, of course we must ensure that the server or target has a database security hole. To find database security holes, there are several methods we can use. Among them, Google dorking, is used mostly by hacker and penetration testers. Luckily there is a tool that is able to do that automatically. But we have to install its tool first. The tool is called SQLiv (SQL injection Vulnerability Scanner).
Resolve some dependencies:
Finding SQL Injection Vulnerabilities:
Reverse domain and scanning:
- Do reverse domain and look for websites that hosted on same server as target url