Category: Web Application. Severity: Critical.

SQL Injection

SQL injection remains one of the most damaging web vulnerabilities because a single unsafe query can expose entire databases. This guide explains exploitation patterns and defensive engineering controls.

How Attackers Use It

Attack Summary

An attacker inserts malicious SQL into an input field that the application concatenates into a query. The database executes it, allowing authentication bypass, full data extraction, or, on database servers that expose such stored procedures, OS command execution.

  • Recon identifies injectable parameters in login, search, or filter endpoints.
  • Payloads are tested to confirm query manipulation and error-based behavior.
  • Attackers pivot to UNION-based, boolean-based, or time-based extraction.
  • Compromised database users can lead to data theft and privilege escalation.

Defensive Strategy

Defense Summary

Parameterised queries and prepared statements, ORM query builders, input validation and WAF rules, and least-privilege database accounts.

  • Use prepared statements for every database interaction.
  • Block dynamic SQL string concatenation in code reviews and CI checks.
  • Enforce least privilege for DB users and separate read/write roles.
  • Monitor and alert on SQL error patterns and anomalous query volume.
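As an added example that is not part of the original page, the same login lookup written two ways against an in-memory SQLite table with constructed sample rows: the concatenated form that CI checks and code review should reject, beside the prepared-statement form the list above calls for.

```python
# Added example (not from the original page): string-concatenated query vs.
# parameterised query, run against constructed sample data in SQLite.
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample table: two users with placeholder password hashes."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, pw_hash TEXT)")
    conn.executemany("INSERT INTO users (name, pw_hash) VALUES (?, ?)",
                     [("alice", "hash-a"), ("bob", "hash-b")])
    return conn


def lookup_concat(conn: sqlite3.Connection, name: str, pw_hash: str) -> list:
    """Vulnerable: user input becomes part of the SQL text, so a quote in the
    input changes the query's structure instead of being treated as data."""
    sql = ("SELECT id, name FROM users WHERE name = '" + name
           + "' AND pw_hash = '" + pw_hash + "'")
    return conn.execute(sql).fetchall()


def lookup_param(conn: sqlite3.Connection, name: str, pw_hash: str) -> list:
    """Hardened: placeholders keep the query text fixed; the driver binds the
    values separately, so quotes and keywords in the input stay data."""
    sql = "SELECT id, name FROM users WHERE name = ? AND pw_hash = ?"
    return conn.execute(sql, (name, pw_hash)).fetchall()


def demo() -> tuple:
    """Returns row counts: (legit concat, legit param, tainted concat, tainted param)."""
    conn = make_db()
    # A legitimate login matches exactly one row in both versions.
    ok_concat = lookup_concat(conn, "alice", "hash-a")
    ok_param = lookup_param(conn, "alice", "hash-a")
    # Constructed tautology input with a trailing comment marker: concatenation
    # turns the WHERE clause into "name = '' OR 1=1" and comments out the password
    # check, so every row matches (the authentication bypass described above).
    # The parameterised query matches nothing: no user has that literal name.
    tainted = "' OR 1=1 --"
    bad_concat = lookup_concat(conn, tainted, "anything")
    bad_param = lookup_param(conn, tainted, "anything")
    return len(ok_concat), len(ok_param), len(bad_concat), len(bad_param)


if __name__ == "__main__":
    print(demo())  # expected (1, 1, 2, 0)
```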

Detection Signals

  • Unusual SQL syntax in request parameters, such as quote characters, comment markers, or UNION keywords.
  • Spikes in 500 errors or DB exceptions tied to specific endpoints.
  • Unexpected long-running queries and response latency patterns.

Keywords

SQL Injection, SQL Injection Detection, SQL Injection Prevention, Critical Severity, Web Application Security, Attack and Defense, Threat Detection, Security Hardening

