Bypass Addslashes using Multibyte Character

I beleive this tutorial is nother unique or new as compared to some other tutorials on Securityidiots. Tutorial related to Addslash bypass can be found easily

Read More

MSSQL practical Second Order Exploitation

MSSQL out of band exploitation, very useful while you are not able to extract that data in all those old ways, here we are with a awesome fucking new way ;)

Read More

Oracle SQL Injection and DIOS Query

Here is a complete tutorial on how to injection in oracle based website, along with into to oracle DIOS.

Read More

MSSQL Second Order Exploitation

MSSQL Insert Query injection and Second order Exploitation tutorial with video...

Read More

One Payload to Inject them all - MultiQuery Injection

Multi Query injection, one of my favorites. Heres a little explanation on it and why its different from Routed SQLi

Read More

MSSQL Error Based Injection

Many times you fall into a situation when Union doesnt work so herez basics of how to use error based MSSQL injection, and what are the conditions need to be met for an error based SQLi

Read More

Routed SQL Injection

Security Idiots is up with some of the most tricky parts of SQL injection, brace yourself to have some more fun with SQL injection.

Read More

Step By Step MSSQL Union Based Injection

A complete series on MSSQL Injection for those who are still not really comfortable with MSSQL Injection

Read More

Manual Inj3ct0rs Guide to recognize database

Learn how to recognize the database used by the application even when you can not see any kind of errors. Handy guide for manual SQL injectors.

Read More

MSSQL DIOS (Dump in One Shot)

Explanation on MS SQL Dump in one shot query.

Read More

DIOS the SQL Injectors Weapon (Upgraded)

Learn some more about DIOS and check out the other complete new flavors of SQLi DUMP In One Shot.

Read More

DIOS (Dump in One Shot) Explained Part 2

Here we will learn Some more advanced tricks to use with our DIOS and make it a complete query to work with

Read More

DIOS (Dump in One Shot) Explained

Most of the Inj3ct0rs are using DIOS but very few actually know how it is working or how can they change it to get the required output. so here is a tutorial which will help you on that

Read More

Union Based Oracle Injection

After all of our tutorials on injecting into MySQL database this tutorial concentrates on the basics of injecting in Oracle database

Read More

Group By and Order by SQL injection

Here we will learn how can an attacker inject into Order by and group by clause to extract the data using SQL injection

Read More

Dumping Database From Login Form

Earlier we discussed how to bypass Login Form using SQL Injection. Now in this tutorial we will learn how to Dump Database using SQLi

Read More

URL Spoofed Phishing using SQLi

In this tutorial we will learn how to Phish with the help of SQL injection in such a manner the victim wont be able to doubt your link by looking in the URL.

Read More

DDOS Using SQL injection (SiDDOS)

Regardless to many other attacks we can perform using SQLi there is an awesome attack DDOS which we can also perform via SQLi

Read More

Delete Query Injection

Usually Inj3ct0rs Inject into SQL statements and many times they miss to check the update and delete function to test. here we will discuss the same.

Read More

Update Query Injection

Usually Inj3ct0rs Inject into SQL statements and many times they miss to check the update and delete function to test. here we will discuss the same.

Read More

XSS Injection with SQLi (XSSQLi)

Over here we will only be concentrating over the SQL injection and how to perform a basic XSS attack using SQL injection, rest you can learn more on XSS to achieve a better results using the same XSS.

Read More

Time based Blind Injection

The way of exploitation will be same as blind injection just the injection is little changed. so as in blind we were getting to know that the question we asked the database returns true or not by the

Read More

Insert Query Injection

As we discussed all the other types of queries injection, in this one we will discuss how can a hacker manipulate the input to inject into a insert query and get the data.

Read More

Login Bypass Using SQL Injection

In this tutorial we will learn how a hacker can manipulate the input and inject it in such a manner that without username or password he can login

Read More

Evil Twin Injection

In this tutorial we will learn how to do get all the data into a website in a very faster way using the SQL evil twin injection

Read More

Blind SQL Injection

Blind SQL Injection is used when there is No Output and No Error. that means we cant Injection the Union based injection in which we use to get the output nor we can Inject the XPATH or Sub Query Inje

Read More

Error Based Injection SubQuery Injection

XPATH is not available in some versions of MySQL and may be filtered or disabled by admin that is why to overcome this problem we will use Sub Query Injection.

Read More

Error Based Injection using UpdateXML

When we are not able to extract the data using union based injection because the web application is not showing any output in such cases we can use XPATH injection

Read More

Error Based Injection using Extractvalue

When we are not able to extract the data using union based injection because the web application is not showing any output in such cases we can use XPATH injection

Read More

Deathrow Single Row injection

This type of injection you will commonly face and in this tutorial we will learn how to make the data extraction process faster even when its a deathrow injection

Read More

Basic Union Based Injection

This is the most basic and the fastest way to extract data from a website, in this tutorial we will learn to inject Union based injection after getting the number of columns.

Read More

Basic of SQL for SQL Injection part 3

In this part we will learn how to find out the type of comment to be used and how and why to find out the number of columns

Read More

Basic of SQL for SQL Injection part 2

In the last tutorial we learnt how to basic SQL queries works and how we can assume basic queries by looking at the URL

Read More

Basic of SQL for SQL Injection

Before one can start learning SQL injection having some basic knowledge of SQL queries and working is required by the user

Read More