tbstuntz Posted March 5, 2011 Posted March 5, 2011 Does anyone know of any sites that can be downloaded or other ways to legally practice sql injection techniques? Quote
tbstuntz Posted March 5, 2011 Author Posted March 5, 2011 Guessing thats a no then? It's another venture that I have never played about with and I am not just going to start trying it on any old site I can find. Quote
Sparda Posted March 5, 2011 Posted March 5, 2011 http://www.google.co.uk/search?q=damn+vulnarable+web+app Quote
digip Posted March 5, 2011 Posted March 5, 2011 Guessing thats a no then? It's another venture that I have never played about with and I am not just going to start trying it on any old site I can find. Sparda gave you the answer - > http://www.dvwa.co.uk/ Damn Vulnerable Web App or DVWA is a PHP/MySQL setup for pentesting. Otherwise, you could setup a Microsoft SQL server on your own and create your own web apps to test against. Quote
tbstuntz Posted March 5, 2011 Author Posted March 5, 2011 Ahh I see sorry mate. I stupidly thought you were just meaning the sql injection was stupid. Thanks Quote
buffy Posted March 6, 2011 Posted March 6, 2011 For my testing of this, I learnt PHP and MYSQL and set up a virtual box running ubnutu 10.4.2 LTS with LAMP + Webmin Quote
digininja Posted March 6, 2011 Posted March 6, 2011 Seeing as DVWA is written by a friend of mine I'll promote that one but you've also got: http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10 and a whole host of them from OWASP: http://www.owasp.org/index.php/Main_Page Also the Hacme range, originally from Foundstone Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.