sql-injection-blind
OfficialExploit blind SQL injection vulnerabilities.
Software Engineering#sql injection#penetration testing#web security#vulnerability exploitation#blind sqli#oob exfiltration
Authorblacklanternsecurity
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill enables penetration testers to identify and exploit blind SQL injection vulnerabilities in web applications, where direct output or errors are not visible.
Core Features & Use Cases
- Boolean-Based Exploitation: Detects vulnerabilities by observing differences in application responses to true/false SQL conditions.
- Time-Based Exploitation: Exploits vulnerabilities by measuring deliberate delays in server responses.
- Out-of-Band (OOB) Exploitation: Exfiltrates data via DNS or HTTP callbacks when other methods fail.
- Use Case: A penetration tester suspects a blind SQL injection in a login form parameter. They use this Skill to confirm the vulnerability and extract database table names and user credentials indirectly.
Quick Start
Use the sql-injection-blind skill to test the 'id' parameter on 'http://example.com/page?id=1' for time-based SQL injection.
Dependency Matrix
Required Modules
sqlmap
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: sql-injection-blind Download link: https://github.com/blacklanternsecurity/red-run/archive/main.zip#sql-injection-blind Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.