Do you have any SQL Injection Testing "Ammo"?

testing xss sql-injection
Ólafur Waage picture Ólafur Waage · Nov 8, 2008 · Viewed 11.4k times · Source

When reading about SQL Injection and XSS i was wondering if you guys have a single string that could be used to identify those vulnerabilities and others.

A string that could be thrown into a website database to black box check if that field is safe or not. (going to do a large test on a few inhouse tools)

Rough example, wondering if you guys know of more?

"a' or '1'='1"

"center'> < script>alert('test')< /script>"

EDIT: Found a nice XSS question on SO

Answer

&#211;lafur Waage picture Ólafur Waage · Nov 8, 2008

I've found some nice firefox addons that do the trick.

XSS Me

SQL Inject Me

Related questions

How to solve the error LNK2019: unresolved external symbol - function?

I get this error, but I don't know how to fix it. I'm using Visual Studio 2013. I made the solution name MyProjectTest This is the structure of my test solution: -function.h #ifndef MY_FUNCTION_H #define MY_FUNCTION_H …

Read More
How to check if a string array contains one string in JavaScript?

I have a string array and one string. I'd like to test this string against the array values and apply a condition the result - if the array contains the string do "A", else do "B". How can I do …

Read More
Unit Testing C Code

I worked on an embedded system this summer written in straight C. It was an existing project that the company I work for had taken over. I have become quite accustomed to writing unit tests in Java using JUnit but …

Read More