SQL Injection - Childs Play

SQL injection is becoming far too easy with the help of such tools as Havij. Havij is marketed as automated SQL injection tool for penetration testing, yet I wonder what % of real world users of this tool actually use it for ‘testing’.

Below is a great video I came across from Troy Hunt’s Youtube channel demonstrating how easy Havij is to use and how easy it can be to extract data from poorly written and secured sites.

Posted in Security, Databases with : Hacking