Skip to content

ts-cset/sql-injection-demo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
injectiondemo
injectiondemo
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
run.sh
run.sh
 
 
setup.py
setup.py
 
 

Repository files navigation

SQL Injection Demo

An insecure application to demo SQL injection.

Usage

DISCLAIMER: Do NOT attempt SQL Injection Attacks on any application if you do not have permission. IT IS A FELONY.

$ git clone git@github.com:ts-cset/sql-injection-demo.git
$ cd sql-injection-demo
$ sh run.sh

Now you can open the app and try out a SQL Injection Attack at http://localhost:5000 . See if you can append user names and passwords to the end of the search results table. To get the best practice, try this without looking at any of the application code, just like a real attacker.

Watch this Computerphile video to see an example.

Contributing

If you would like to see changes to this project, start a conversation as an Issue to discuss your plans.

Pull Requests are always welcome!

About

An insecure application to demo SQL injection.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages