SQLi attack


A type of attack where an attacker interferes with database queries.

Manual on SQLi attack are available at https://portswigger.net/burp/documentation/desktop/testing-workflow/input-validation/sql-injection/testing
Here I just add another approach, using Repeater as usual instead of using Intruder as in the tutorial.

Send the item to be injected to the Repeater

In Repeater, modify the query as below then click Send to attack

The results are the same as in the Burp Suit's documentation. What I want to say here is that you are not overwhelmed by the functions. Intruder is similar in nature to Repeater, except that it is a more convenient way to deliver payload.

Currently unrated


There are currently no comments

New Comment


required (not published)



What is 7 × 5?