SQL injection is one of the longest-running vulnerabilities in IT. Its very existence is proof that some web technologies, including languages, make it very easy for a simple semantic error to lead to a dangerous data breach. When deciding to use web applications, we must harden all the systems that are involved and not cut corners when it comes to security. Some of the biggest data breaches in IT history have happened in recent years through this type of exploit.
In the following subsections, we will learn how to manipulate HTTP GET request strings to find potential SQL injection vulnerabilities. The two basic types that we cover will be integer and string. The difference between the two solely relates to the type of ...