top of page

SQLiv | SQL Injection

Before we are doing the injection consult, of course we must ensure that the server or target has a database security hole. To find database security holes, there are several methods we can use. Among them, Google dorking, is used mostly by hacker and penetration testers. Luckily there is a tool that is able to do that automatically. But we have to install its tool first. The tool is called SQLiv (SQL injection Vulnerability Scanner).


Install:

Then run:

Resolve some dependencies:


Finding SQL Injection Vulnerabilities:


Quick reference:


Reverse domain and scanning:

- Do reverse domain and look for websites that hosted on same server as target url


97 views0 comments

Recent Posts

See All

Absolutely everything is connected to the internet these days, from TV to smart light bulbs, from mobile devices to smart cars. Given those ads and ad trackers are everywhere on the Internet, a browse

Can you explain the difference between symmetric and asymmetric encryption? When would you use one over the other? Answer: Symmetric encryption uses a single key to both encrypt and decrypt data, whil

Nuclei is an open-source tool that allows security researchers and penetration testers to automate the process of finding vulnerabilities in web applications. It works by sending HTTP requests to a ta

bottom of page