Chapter 5. Exploiting SQL Injection

In this chapter, we're going to learn different ways to exploit the popular vulnerability known as SQL injection, which I believe most readers are familiar with. An SQL injection flaw allows an attacker to inject into or tamper with parts of a database query in a web application to perform attacker-specified operations such as exfiltrating data, writing files to the database server, or even achieving server-side code execution.

I am going to cover this section mainly through an industry-grade tool that exploits SQL injection flaws; the tool is called SQLMap. SQLMap is a powerful and versatile open-source tool written by Bernardo and Miroslav to dynamically detect and exploit SQL injection issues. ...
