What database systems does this skill support?

It provides comprehensive techniques and payloads for major systems including MySQL, MSSQL, PostgreSQL, and Oracle.

Can this skill be used for automated exploitation?

While it provides the logic and payloads for systematic assessment, it is designed to be used by a practitioner to guide manual testing or to complement tools like SQLMap.

Is it safe to use on production databases?

The skill includes strict guardrails against destructive queries like DROP or DELETE. However, it is always recommended to test in staging environments and only with explicit written authorization.

What are the legal requirements for using this skill?

Users must have written authorization for penetration testing, a defined scope, and established emergency contact procedures before executing any tests.

Does it help with WAF bypass?

Yes, it includes specialized techniques for character encoding, keyword variation, and whitespace substitution to test the resilience of filters and firewalls.

SQL Injection Security Testing

Name: SQL Injection Security Testing
Author: claudiodearaujo

byclaudiodearaujo

0•

セキュリティとテスト

Executes comprehensive SQL injection vulnerability assessments to identify database flaws and validate input sanitization.

This skill empowers security professionals and developers to systematically detect and exploit SQL injection vulnerabilities across multiple database systems including MySQL, MSSQL, and PostgreSQL. It provides a structured methodology for identifying injectable parameters, performing advanced exploitation techniques like UNION-based, blind, and time-based attacks, and demonstrating authentication bypass scenarios. Ideal for security audits and penetration testing, the skill includes built-in guardrails to ensure ethical testing practices and prevents destructive queries while offering detailed remediation guidance.

主な機能

01Advanced filter bypass techniques for WAF evasion using encoding and whitespace substitution

02Automated detection of injectable URL parameters, form fields, and HTTP headers

03Support for multiple exploitation vectors including UNION, Blind, and Time-based SQLi

04Database fingerprinting and schema extraction for MySQL, MSSQL, PostgreSQL, and Oracle

050 GitHub stars

06Comprehensive authentication bypass payloads for testing login form resilience

ユースケース

01Generating proof-of-concept evidence for vulnerability reporting and remediation

02Performing security audits on web applications to find and fix SQL injection flaws

03Validating the effectiveness of Web Application Firewalls (WAF) and input validation logic

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front sql-injection-testing

For use in Claude.ai and ChatGPT

Download Skill

主な機能

01Advanced filter bypass techniques for WAF evasion using encoding and whitespace substitution

02Automated detection of injectable URL parameters, form fields, and HTTP headers

03Support for multiple exploitation vectors including UNION, Blind, and Time-based SQLi

04Database fingerprinting and schema extraction for MySQL, MSSQL, PostgreSQL, and Oracle

050 GitHub stars

06Comprehensive authentication bypass payloads for testing login form resilience

ユースケース

01Generating proof-of-concept evidence for vulnerability reporting and remediation

02Performing security audits on web applications to find and fix SQL injection flaws

03Validating the effectiveness of Web Application Firewalls (WAF) and input validation logic

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front sql-injection-testing

For use in Claude.ai and ChatGPT

Download Skill