Web Security Learning
stable
Content Index:
1. Prologue
2. Computer Networks and Protocols
3. Information Collection
4. Common vulnerability attack and defense
4.1. SQL Injection
4.1.1. Injection Classification
4.1.2. Injection Detection
4.1.3. Privilege Escalation
4.1.4. Database Detection
4.1.5. Bypass Techniques
4.1.6. SQL Injection Tips
4.1.7. CheatSheet
4.1.7.1. SQL Server Payload
4.1.7.2. MySQL Payload
4.1.7.3. PostgresSQL Payload
4.1.7.4. Oracle Payload
4.1.7.5. SQLite3 Payload
4.1.7.6. NoSQL Payload
4.1.8. Precompile
4.1.9. Reference articles
4.2. XSS
4.3. CSRF
4.4. SSRF
4.5. Command Injection
4.6. Directory Traversal
4.7. File reading
4.8. File Upload
4.9. File Include
4.10. XXE
4.11. Template Injection
4.12. Xpath injection
4.13. Logic Vulnerability / Business Vulnerability
4.14. Configuration and Policy Security
4.15. Middleware
4.16. Web Cache Spoofing Attack
4.17. HTTP Request Smuggling
5. Language and Framework
6. Intranet penetration
7. Cloud Security
8. Defense Technology
9. Authentication Mechanism
10. Tools and Resources
11. Manual Quick Check
12. Others
Web Security Learning
»
4.
Common vulnerability attack and defense
»
4.1.
SQL Injection
»
4.1.7.
CheatSheet
4.1.7.
CheatSheet
ΒΆ
Content Index:
4.1.7.1. SQL Server Payload
4.1.7.1.1. Common Payload
4.1.7.1.2. Registry read and write
4.1.7.1.3. Error injection
4.1.7.1.4. Common functions
4.1.7.1.5. DNS OOB
4.1.7.1.6. Other Common Stored Procedures
4.1.7.2. MySQL Payload
4.1.7.2.1. Common Payload
4.1.7.2.2. Writing files
4.1.7.3. PostgresSQL Payload
4.1.7.4. Oracle Payload
4.1.7.4.1. Common Payload
4.1.7.4.2. Writing files
4.1.7.5. SQLite3 Payload
4.1.7.6. NoSQL Payload
4.1.7.6.1. Common Payload