# SQL Injection Demo An insecure application to demo SQL injection. ## Usage **DISCLAIMER: Do NOT attempt SQL Injection Attacks on any application if you do not have permission. IT IS A FELONY.** ``` $ git clone https://github.com/WeilerWebServices/SQL-Injection-Demo.git $ cd SQL-Injection-Demo $ sh run.sh ``` Now you can open the app and try out a SQL Injection Attack at http://localhost:5000 . See if you can append user names and passwords to the end of the search results table. To get the best practice, try this without looking at any of the application code, just like a real attacker. [Watch this Computerphile video to see an example.] (https://www.youtube.com/watch?v=ciNHn38EyRc) ## Contributing If you would like to see changes to this project, start a conversation as an Issue to discuss your plans. Pull Requests are always welcome!