Photo by Clint Patterson on Unsplash

In the following article we will try to go from little or no knowledge of SQL to performing a basic SQL injection. To achieve this we will use the DVWA box, hosted by TryHackMe.

SQL injection is the act of exploiting unfiltered user input in a web app. The input may contain valid SQL commands, which are then executed when the input is passed to the SQL server. This may result in unwanted changes to data or exposure of data.
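As an added illustration (not code from the original article or from DVWA), the sketch below uses Python's built-in sqlite3 module to run the same lookup twice: once built by string concatenation and once with a bound parameter. The table, the function names and the sample inputs are constructed for this example.

```python
import sqlite3


def make_db():
    """Create an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, first_name TEXT, surname TEXT)"
    )
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "Alice", "Admin"), (2, "Bob", "Builder"), (3, "Carol", "Clerk")],
    )
    return db


def lookup_vulnerable(db, user_id):
    # The input is pasted into the SQL text, so the database parses
    # whatever the user typed as part of the statement itself.
    query = "SELECT first_name, surname FROM users WHERE id = '" + user_id + "'"
    return db.execute(query).fetchall()


def lookup_parameterized(db, user_id):
    # The statement text is fixed; the input is bound as a value and is
    # only ever compared against the id column, never parsed as SQL.
    query = "SELECT first_name, surname FROM users WHERE id = ?"
    return db.execute(query, (user_id,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    benign = "1"               # constructed input: an ordinary id
    crafted = "1' OR '1'='1"   # constructed input: closes the quote, adds a condition
    for label, value in (("benign", benign), ("crafted", crafted)):
        print(label, "concatenated :", lookup_vulnerable(db, value))
        print(label, "parameterized:", lookup_parameterized(db, value))
```

With the crafted input the concatenated query returns every row in the table, while the parameterized query returns none, because the whole string is treated as a single id value that matches nothing.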

Some basic SQL and SQL-syntax

As you already know, SQL is used to manipulate databases. …


CyberSecurity, Software Development, tech-junky.
