Web Security Learning
stable

Content Index:

  • 1. Prologue
  • 2. Computer Networks and Protocols
  • 3. Information Collection
  • 4. Common vulnerability attack and defense
    • 4.1. SQL Injection
      • 4.1.1. Injection Classification
      • 4.1.2. Injection Detection
      • 4.1.3. Privilege Escalation
      • 4.1.4. Database Detection
      • 4.1.5. Bypass Techniques
      • 4.1.6. SQL Injection Tips
      • 4.1.7. CheatSheet
      • 4.1.8. Precompile
      • 4.1.9. Reference articles
        • 4.1.9.1. Tricks
        • 4.1.9.2. Bypass
        • 4.1.9.3. NoSQL
    • 4.2. XSS
    • 4.3. CSRF
    • 4.4. SSRF
    • 4.5. Command Injection
    • 4.6. Directory Traversal
    • 4.7. File reading
    • 4.8. File Upload
    • 4.9. File Include
    • 4.10. XXE
    • 4.11. Template Injection
    • 4.12. Xpath injection
    • 4.13. Logic Vulnerability / Business Vulnerability
    • 4.14. Configuration and Policy Security
    • 4.15. Middleware
    • 4.16. Web Cache Spoofing Attack
    • 4.17. HTTP Request Smuggling
  • 5. Language and Framework
  • 6. Intranet penetration
  • 7. Cloud Security
  • 8. Defense Technology
  • 9. Authentication Mechanism
  • 10. Tools and Resources
  • 11. Manual Quick Check
  • 12. Others
Web Security Learning
  • »
  • 4. Common vulnerability attack and defense »
  • 4.1. SQL Injection »
  • 4.1.9. Reference articles

4.1.9. Reference articles¶

4.1.9.1. Tricks¶

  • sqlmap time based inject analysis

  • SQLInjectionWiki

  • Common Database Write Webshell Summary

  • MSSQL database attack practical guide

4.1.9.2. Bypass¶

  • Some tips for SQL injection ByPass

  • The Way of Waf Bypass

  • MySQL Bypass Wiki

4.1.9.3. NoSQL¶

  • Analysis and Mitigation of NoSQL Injections

  • NoSQL Injections

Previous Next

© Copyright 2019-2022, WebSecurity.

Built with Sphinx using a theme provided by Read the Docs.