Summary
This is a comprehensive SQLi exploitation reference that goes well beyond basic UNION and error-based attacks. It covers database-specific blind inference techniques, out-of-band exfiltration through DNS, HTTP, and SMB channels, and second-order injection patterns across MySQL, MSSQL, Oracle, and PostgreSQL. The routing is smart: it links to a ghost-bits-cast attack for bypassing WAFs when you're hitting Java backends with Jackson, and splits advanced material into separate scenario and sqlmap docs you can load on demand. The first-pass payload table and DBMS fingerprinting section alone will save you from fumbling through trial and error. If you're doing actual penetration testing or need to explain modern SQLi techniques beyond the OWASP top ten basics, this gives you the tactical depth.
Install to Claude Code
npx -y skills add yaklang/hack-skills --skill sqli-sql-injection --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Select a file.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
