tbstuntz Posted March 5, 2011 Share Posted March 5, 2011 Does anyone know of any sites that can be downloaded or other ways to legally practice sql injection techniques? Quote Link to comment Share on other sites More sharing options...
Sparda Posted March 5, 2011 Share Posted March 5, 2011 Damn vulnerable web app Quote Link to comment Share on other sites More sharing options...
tbstuntz Posted March 5, 2011 Author Share Posted March 5, 2011 Guessing thats a no then? It's another venture that I have never played about with and I am not just going to start trying it on any old site I can find. Quote Link to comment Share on other sites More sharing options...
Sparda Posted March 5, 2011 Share Posted March 5, 2011 http://www.google.co.uk/search?q=damn+vulnarable+web+app Quote Link to comment Share on other sites More sharing options...
digip Posted March 5, 2011 Share Posted March 5, 2011 Guessing thats a no then? It's another venture that I have never played about with and I am not just going to start trying it on any old site I can find. Sparda gave you the answer - > http://www.dvwa.co.uk/ Damn Vulnerable Web App or DVWA is a PHP/MySQL setup for pentesting. Otherwise, you could setup a Microsoft SQL server on your own and create your own web apps to test against. Quote Link to comment Share on other sites More sharing options...
tbstuntz Posted March 5, 2011 Author Share Posted March 5, 2011 Ahh I see sorry mate. I stupidly thought you were just meaning the sql injection was stupid. Thanks Quote Link to comment Share on other sites More sharing options...
buffy Posted March 6, 2011 Share Posted March 6, 2011 For my testing of this, I learnt PHP and MYSQL and set up a virtual box running ubnutu 10.4.2 LTS with LAMP + Webmin Quote Link to comment Share on other sites More sharing options...
digininja Posted March 6, 2011 Share Posted March 6, 2011 Seeing as DVWA is written by a friend of mine I'll promote that one but you've also got: http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10 and a whole host of them from OWASP: http://www.owasp.org/index.php/Main_Page Also the Hacme range, originally from Foundstone Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.