sql-injection-union
OfficialExploit UNION SQLi for rapid data access.
Software Engineering#data extraction#sql injection#penetration testing#web security#database exploitation#union select
Authorblacklanternsecurity
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill automates the exploitation of UNION-based SQL injection vulnerabilities, enabling rapid extraction of data directly from databases when query results are displayed in the application's response.
Core Features & Use Cases
- Automated UNION SQLi Exploitation: Guides the user through determining column counts, identifying displayed columns, and extracting data using UNION SELECT statements.
- Database Enumeration: Supports extracting database schemas, tables, and columns across MySQL, MSSQL, PostgreSQL, Oracle, and SQLite.
- Use Case: When a web application displays search results that are powered by a database, this Skill can be used to extract user credentials or sensitive information by injecting UNION SELECT statements.
Quick Start
Use the sql-injection-union skill to find the number of columns in the injection point 'https://example.com/search?id=1'.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: sql-injection-union Download link: https://github.com/blacklanternsecurity/red-run/archive/main.zip#sql-injection-union Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.