BestHub
Sign in
Tagged articles
11 articles
Page 1 of 1
Black & White Path
Black & White Path
Mar 11, 2026 · Information Security

ByPassTamperPlus: Enhanced SQLMap Tamper Scripts for Advanced WAF Bypass

ByPassTamperPlus is a Python‑based collection of SQLMap tamper scripts tailored for MSSQL, MySQL and Oracle across multiple versions, employing version‑specific syntax, functions and obfuscation techniques to improve payload survivability against modern Web Application Firewalls, while acknowledging inherent limitations.

MSSQLOracleSQLMap
0 likes · 6 min read
ByPassTamperPlus: Enhanced SQLMap Tamper Scripts for Advanced WAF Bypass
Java Architect Essentials
Java Architect Essentials
May 26, 2023 · Information Security

Step‑by‑Step WordPress Site Penetration Testing Tutorial

This tutorial walks beginners through the entire process of compromising a WordPress website, from initial information gathering and DNS enumeration to vulnerability scanning, exploitation with tools like sqlmap and nmap, privilege escalation, and establishing persistent backdoors.

Information SecuritySQLMapWebshell
0 likes · 10 min read
Step‑by‑Step WordPress Site Penetration Testing Tutorial
php Courses
php Courses
Jan 29, 2023 · Information Security

SQL Injection Techniques, Exploits, and sqlmap Usage Guide

This article explains how forged HTTP headers can lead to SQL injection, demonstrates PHP functions for obtaining client IPs, shows blind injection payloads for enumerating databases, tables, columns, and users, and provides practical sqlmap commands and code examples for exploiting and testing vulnerabilities.

Database ExploitationSQL injectionSQLMap
0 likes · 15 min read
SQL Injection Techniques, Exploits, and sqlmap Usage Guide
Python Crawling & Data Mining
Python Crawling & Data Mining
Mar 25, 2021 · Information Security

Mastering SQL Injection with Sqlmap: A Hands‑On Exploitation Guide

This article introduces the fundamentals of SQL injection, explains Sqlmap's five injection techniques, lists supported databases, shows installation methods, walks through essential commands and options, and provides practical examples for testing and exploiting vulnerable web applications.

Database ExploitationSQL injectionSQLMap
0 likes · 17 min read
Mastering SQL Injection with Sqlmap: A Hands‑On Exploitation Guide
NetEase Game Operations Platform
NetEase Game Operations Platform
Dec 14, 2018 · Information Security

Database Injection Attacks: Principles, Exploits, and Defense Strategies

This article explains why database injection remains a critical security threat, illustrates how attackers exploit vulnerable web applications using manual techniques and automated tools such as sqlmap, and provides comprehensive defensive measures spanning secure coding, database hardening, web‑server configuration, WAF deployment, and log‑analysis to protect sensitive data.

Database SecurityInformation SecuritySQL injection
0 likes · 17 min read
Database Injection Attacks: Principles, Exploits, and Defense Strategies
ITFLY8 Architecture Home
ITFLY8 Architecture Home
May 9, 2018 · Information Security

Master MySQL Penetration: From Recon to Privilege Escalation

This article details comprehensive MySQL penetration techniques, covering information gathering, password cracking, webshell deployment, and multiple privilege‑escalation methods using tools such as Nmap, Metasploit, sqlmap, MOF, UDF and startup script exploits.

Information GatheringMetasploitSQLMap
0 likes · 25 min read
Master MySQL Penetration: From Recon to Privilege Escalation
JD Retail Technology
JD Retail Technology
May 11, 2017 · Information Security

Unmanned Customer Service System Architecture and Security Testing Overview

This article explains the concept and architecture of an unmanned customer service system, outlines its security testing strategy—including interface, vulnerability scanning, privilege and data protection tests—describes database and web security methods, and provides practical command examples and tool recommendations.

Information SecuritySQLMapWeb Security
0 likes · 14 min read
Unmanned Customer Service System Architecture and Security Testing Overview
dbaplus Community
dbaplus Community
Apr 4, 2017 · Information Security

Mastering Database Injection: Real‑World Attacks, Tools, and Defense Strategies

This comprehensive guide explains why database injection remains a critical security threat, illustrates real‑world attack techniques and toolchains, and provides layered defensive measures—from secure coding and DB‑proxy solutions to web‑server filtering, WAF deployment, and log‑analysis pipelines.

Database SecurityDefense StrategiesSQL injection
0 likes · 24 min read
Mastering Database Injection: Real‑World Attacks, Tools, and Defense Strategies
Art of Distributed System Architecture Design
Art of Distributed System Architecture Design
May 23, 2016 · Information Security

Testing HTTP Header Parameters for SQL Injection: Coverage, Tools, and Best Practices

The article examines how HTTP header and cookie parameters can serve as SQL injection vectors, evaluates the coverage of commercial and open‑source web vulnerability scanners, demonstrates manual testing techniques, and recommends tools such as sqlmap for comprehensive security assessments.

SQL injectionSQLMapWeb Security
0 likes · 13 min read
Testing HTTP Header Parameters for SQL Injection: Coverage, Tools, and Best Practices
Art of Distributed System Architecture Design
Art of Distributed System Architecture Design
Jul 16, 2015 · Information Security

Beyond GET/POST: Testing HTTP Headers and Cookies for SQL Injection

This article examines how web vulnerability scanners handle non‑traditional input vectors such as HTTP headers and cookies, demonstrates manual exploitation techniques for header‑based SQL injection, compares scanner coverage and accuracy, and offers practical guidance for developers and penetration testers.

SQL injectionSQLMapWeb Security
0 likes · 14 min read
Beyond GET/POST: Testing HTTP Headers and Cookies for SQL Injection