Posts

Showing posts from September, 2020

What is SQL Injection?

Greetings, it's like forever since the last time I shared a post. A lot of things happened; now I'm working at a cybersecurity company in Malaysia as a Security Consultant. Straight to the point: today I want to share about SQL Injection.

Note: all the knowledge shared is for educational purposes only.

What is a SQL injection?

SQL injection is one of the common vulnerabilities found during application penetration testing. This vulnerability happens because the developer of the application did not apply secure coding during development.

This vulnerability mainly allows the attacker to manipulate the SQL query that the application uses to retrieve data from the database with their own SQL query.

There are three common types of SQL Injection.

Error Based

The name "Error Based" comes from the fact that when the original SQL query used to query data from the database is interrupted ( ' ), it throws an SQL error. For example:

Injected SQL query: SELECT A From B where