SQL Injection

SQL injection is one of the most dangerous exploits that an application can be subject to. It can be the gateway for a hacker not only to get information out of the system, but also to bypass authentication, reveal internal schemas, execute commands and even take control of the system.

One of the first steps in evaluating whether an application is susceptible to SQL injection is to test whether any of its fields accept a single quote and whether doing so returns an error directly from the database.
