sql injection testing

SKILL.md

Execute comprehensive SQL injection vulnerability assessments on web applications to identify database security flaws, demonstrate exploitation techniques, and validate input sanitization mechanisms. This skill enables systematic detection and exploitation of SQL injection vulnerabilities across in-band, blind, and out-of-band attack vectors to assess application security posture.

Identify Injectable Parameters Locate user-controlled input fields that interact with database queries:

Test for Basic Vulnerability Indicators Insert special characters to trigger error responses:

当用户要求“测试SQL注入漏洞”、“执行SQLi攻击”、“使用SQL注入绕过身份验证”、“通过注入提取数据库信息”、“检测SQL注入缺陷”或“利用数据库查询漏洞”时，应该使用此技能。它提供了用于识别、利用和理解跨不同数据库系统的 SQL 注入攻击向量的全面技术。 来源：sickn33/antigravity-awesome-skills。

查看原文