This wiki's mission is to be a one stop resource for fully identifying, exploiting, and escalating SQL injection vulnerabilities across various Database Management Systems. Want to know more? Check out the release blog!
All DBMS content is located in the ./build directory, under the appropriate DBMS. Any basic content changes should be made in this folder. Adding a new DBMS is not currently a well abstracted process. Submit an issue for help in adding an entire new DBMS. Top level pages with no DBMS tabs can be added in the ./views directory and included in ./views/nav.html.
More detailed documentation coming soon.
Follow the styles already set in the existing files if not listed below.
- All tables should have classes of
table table-striped table-hover - All code snippets should be wrapped in
<code></code> - All top headers should be
<h3></h3> - All sub section headers should be
<h4 class="injectionSubheading"></h4> - Top level descriptions should be
<p class="readableText"></p> - Secondary descriptions should just be
<p></p>
It is easiest to run this locally with the attached python script runit.py. This removes all caching and adds a fallback url, so we can use real URL paths for routing. To run just type python runit.py and go to http://localhost:8000.
To make any changes please make a pull request or create an issue.
For those with write access to this repository do the following after making changes or before accepting pull requests:
Increment the minor VERSION variable near the bottom of ./index.html. This helps push the new changes even if they're cached.
git pull
git add .
git commit -am "[commit_message_here]"
git push origin masterThat will update the master repository.
- Aaron Yaeger
- Antti Rantasaari
- Ben Tindell
- Colin Salisbury
- Eric Gruber (@egru)
- Jake Reynolds (@jreynoldsdev)
- Khai Tran (@k_tr4n)
- Rafael Seferyan
- Scott Sutherland (@_nullbind)