Advanced-SQL-Injection-Cheatsheet
Verified
3015 Stars
A cheat sheet that contains advanced queries for SQL Injection of all types.
Category
Web-security
GitHub Stars
3015
Project Added On
Jun 08, 2025
Contributors
1
Table of Contents
Loading contents...
README.md
Advanced SQL Injection Cheatsheet
This repository contains a advanced methodology of all types of SQL Injection.
General Process:
- Find injection point
- Understand the website behaviour
- Send queries for enumeration
- Understanding WAF & bypass it
- Dump the database
Cheat Sheet Tree
MySQL Injection Cheatsheet
- Error- or UNION-based SQLi
- Routed queries (Advanced WAF Bypass)
- Bypass Error: The used SELECT statements have a different number of columns
- New attacking vectors (Bypassing WAF)
- Boolean-based (content-based) Blind SQLi
- Time Based SQLi
- Stabilise & Whitespace Filter Bypass
- Local File Inclusion (LFI)
- Privilege Escalation
PostgreSQL Injection Cheatsheet
- Error- or UNION-based SQLi
- Local File Inclusion (LFI) (Coming soon)
- Privilege Escalation (Coming soon)
Oracle Injection Cheatsheet
MSSQL Injection Cheatsheet
Tool Information
Author
kleiton0x00
Project Added On
June 08, 2025
License
Open Source
Tags
cheatsheet
mssql-dump
mysql-injection
mysqldump
sql
sql-injection
