Tuesday, August 1, 2017
Trying SQL Injection on Your Own
Hey, if after our last couple of posts you feel like your SQL fu is up to snuff and want to get your hands on a real vulnerable web app that maybe doesn't have the answers all leaked out, then check this out.
Head on over to http://csis.pace.edu/~lchen/sweet and download the vulnerable app they're hosting in VM or VirtualBox format. Stand up that server and follow these two guides, 5 - Security Testing and 6 - Vulnerability Management.
The Ubuntu web server is running BadStore, which you can alternately register for and download here: http://www.badstore.net. Either way, you're going to be able to run SQL Injection and XSS vulns against this web app and database.
Try it out!