Does it provide remediation advice?

Yes, the skill includes guidance on remediation, such as implementing parameterized queries and proper input validation to prevent future vulnerabilities.

Does this skill support blind SQL injection?

Yes, it includes specialized methods for both boolean-based and time-based blind injection for scenarios where database error messages are suppressed.

What database systems does this skill support?

It provides comprehensive techniques and payloads for major systems including MySQL, Microsoft SQL Server (MSSQL), PostgreSQL, and Oracle.

Is this skill meant for automated or manual testing?

It is designed to facilitate a hybrid approach, providing manual payloads and systematic logic that can be used alongside automated tools like SQLMap.

Can it help with WAF or filter evasion?

Absolutely. The skill includes techniques for character encoding, whitespace substitution, and keyword variation to bypass Web Application Firewalls and blacklists.

SQL Injection Security Testing

Name: SQL Injection Security Testing
Author: boisenoise

byboisenoise

0•

Security & Testing

Conducts comprehensive SQL injection vulnerability assessments to identify, exploit, and remediate database security flaws in web applications.

This skill empowers security professionals and developers to perform deep-dive SQL injection audits across various database systems including MySQL, MSSQL, PostgreSQL, and Oracle. It provides systematic workflows for detecting injectable parameters, executing complex exploitation techniques—such as UNION-based, time-blind, and out-of-band extraction—and bypassing common security filters or authentication mechanisms to validate application resilience and input sanitization effectiveness.

Key Features

01Sophisticated WAF and filter evasion techniques using encoding and comments

020 GitHub stars

03Advanced exploitation payloads including UNION-based and error-based extraction

04Authentication bypass strategies for testing login form security

05Multi-vector detection for in-band, blind, and out-of-band injection flaws

06Database fingerprinting for MySQL, MSSQL, PostgreSQL, and Oracle

Use Cases

01Validating the effectiveness of input sanitization and parameterized queries

02Executing authorized penetration tests to discover critical database vulnerabilities

03Generating proof-of-concept exploits for security reporting and remediation

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add boisenoise/skills-collections antigravity-sql-injection-testing

For use in Claude.ai and ChatGPT

Download Skill