Advanced SQL Injection Cheatsheet MySQL Injection Cheatsheet • Error- or UNION-based SQLi • Routed queries (Advanced WAF Bypass) • Bypass Error: The used SELECT statements have a different number of columns • New attacking vectors (Bypassing WAF) • The Alternative way of using And 0 • The Alternative WAY of using Null • Boolean-based (content-based) Blind SQLi • Time Based SQLi • Stabilise & Whitespace Filter Bypass • Local File Inclusion (LFI) • Privilege Escalation PostgreSQL Injection Cheatsheet • Error- or UNION-based SQLi • Local File Inclusion (LFI) • Privilege Escalation Oracle Injection Cheatsheet • Error- or UNION-based SQLi MSSQL Injection Cheatsheet • Error- or UNION-based SQLi • Privilege Escalation