Commit Graph

20 Commits

Author SHA1 Message Date
ItsIgnacioPortal 049dc40465 feat(wordlist): Added risk-classified list of SQLi payloads
Initial sorting created by the classifier script.

Related to #1320

Closes #1011

Co-authored-by: 0xBassia <med.bassia@gmail.com>

Co-authored-by: Miroslav Stampar <miroslav.stampar@gmail.com>

Co-authored-by: soka <romain.dereydellet@gmail.com>

Co-authored-by: Alexis Danizan <51817778+0x4144@users.noreply.github.com>
2026-05-16 14:13:23 -03:00
ItsIgnacioPortal 0817390c27 chore(wordlist): Moved polyglot sql injection wordlist into the 'SQLi' directory 2025-05-08 02:02:53 -03:00
ItsIgnacioPortal 6cb1c88b9e feat(docs): Added warning to SQLi wordlists about destructive queries
related to #1011
2025-05-08 01:59:50 -03:00
ItsIgnacioPortal 9c8c23fbed chore(wordlist): Moved sql injection wordlists into the 'SQLi' directory 2025-05-08 01:55:05 -03:00
ItsIgnacioPortal 07fe6cea12 chore(wordlist): Moved SQLi wordlists into the 'Databases' directory 2025-05-08 01:51:12 -03:00
Dominique RIGHETTO 55c4988410 Rename OracleSID.txt to OracleDB-SID.txt 2023-10-08 19:26:29 +02:00
Dominique RIGHETTO f81a9803f8 Add file 2023-10-08 19:17:49 +02:00
cbk914 9a871facf1 Merge branch 'danielmiessler:master' into master 2021-06-26 23:06:55 +02:00
Annihilat0r 495c8a6c3f Add NoSQL payload 2021-05-29 13:21:29 +03:00
cbk914 ae8aabcfed Merge branch 'master' of https://github.com/cbk914/SecLists 2020-09-30 16:37:47 +02:00
Daniel Neal 68fe48d9dd Add string js or injection 2020-09-14 21:55:24 -07:00
cbk914 e06aacd937 Revert "Merge pull request #4 from danielmiessler/master"
This reverts commit c266835781, reversing
changes made to fd4968f43b.
2020-08-11 14:25:56 +02:00
Dominique RIGHETTO 00f10f8513 Add character that can break a MongoDB query when JS expression is used 2020-07-18 18:00:24 +02:00
sheimo 6757058b8c Create sqli.auth.bypass.txt
This is a thorough SQL injection authentication bypass list. Each source below was combined to a text file and sorted.

Source: https://pentestlab.blog/2012/12/24/sql-injection-authentication-bypass-cheat-sheet/
Source: http://www.lifeoverpentest.com/2018/03/sql-injection-login-bypass-cheat-sheet.html
2020-06-11 23:24:34 -05:00
g0tmi1k 245984882a Merge pull request #442 from kazkansouh/standardise-line-end
Standardise line endings
2020-05-28 11:11:35 +01:00
Jamie Scott 5b5cafaa47 Adding the not in operator
Adding the not in operator as another thing to check or test. It will equivalently act as { $ne: 1 } only it functions within an array.
2020-05-28 00:34:48 -07:00
Karim Kanso 607c3293b4 strip trailing whitespace 2020-05-27 14:26:51 +01:00
g0tmi1k a65f6bd665 Close #291 - Fix encoding issues
$ for x in $( find . -type f ); do iconv -f utf-8 -t utf-8 -c ${x} | sed '/^$/d' > tmp; mv tmp ${x}; done
2019-05-08 11:04:00 +01:00
g0tmi1k 7b1f14989c Quick move about 2019-04-12 13:52:47 +01:00
g0tmi1k 3f2c0d33d2 Quick clean up of locations 2019-04-10 13:22:39 +01:00