Ethical Hacking Lab to Test and Learn SQL Injection, XSS, CSRF Vulnerability

Hi BTS readers, so far I have given the Web Application Pen Testing tutorials. Now it is time to practice your skills in a legal way. Last time, I explained the Damn Vulnerable Web Application (DVWA). This time I have come with a different web application that will develop your knowledge of Web App PenTesting. […]

What is Blind SQL Injection? Web Application Vulnerability Tutorial

The blind SQL injection technique is used when the web application is vulnerable but the output is not displayed to the attacker. When a hacker tries SQL injection, they are redirected to some other page instead of seeing an error message. Blind SQL injection is harder to implement than the above traditional SQL injection technique; it will take […]

Automated Blind SQL Injection Attacking Tools: bsqlbf Brute Forcer

What is Blind SQL Injection: Some websites are vulnerable to SQL injection, but the results of the injection are not visible to the attacker. In this situation, blind SQL injection is used. The page with the vulnerability may not be one that displays data but will display differently depending on the results of a logical statement […]

How does your Website become vulnerable to SQL Injection?

The developer is the one and only reason for the SQL injection vulnerability. While developing the web application, he fails to handle some vulnerabilities (because he doesn't know about them). Don't be one of them. If you are a web application developer, then you must read these security techniques in order to overcome the SQL injection vulnerability. Reason […]

SQL Inject Me - SQL Injection Tool to Test the Vulnerability for Pen Testers

So far I have written about what SQL injection is and how to prevent SQL injection. In this post, I am going to introduce a new SQLi tool for pen testers and webmasters. The tool's name is SQL Inject Me. What is SQL Inject Me? SQL Inject Me is a Mozilla add-on that is used to test the SQL […]

How to Prevent SQL Injection Vulnerability? Website Security

Hi webmasters and budding pen testers, I hope you read my article about SQL injection. Our aim is to provide security, right? So here are the prevention techniques. Use Prepared Statements: Use prepared statements, parameterized queries, or stored procedures. Don't use dynamic SQL. In Java you can use PreparedStatement() with bind variables. In .NET you […]

What is SQL Injection? Web Application Vulnerability

A web application (website) stores information such as user info, admin info, and passwords in a database. When the developer fails to handle escape characters and types, the result is a vulnerable database. Hacking or accessing the database using this vulnerability is known as SQL injection. What can an attacker do? Bypassing logins; accessing secret data; modifying contents of […]