In this chapter, we covered a vulnerability that can be exploited, which are SQL injections. This SQLi can be used to perform a wide range of very dangerous attacks on the databases of a machine and the server. First, we saw how we can discover these injections. We also learned how we can log in to a system using a URL—all we had to do was launch a few lines of code in which we had to mention the password and username. Then, we saw how to bypass SQLi without using login credentials. We even used the GET method to discover SQLi. After that, we learned how to fire basic select statements on a database. We even learned how to use the sqlmap tool, which is capable of performing a lot of things, but we only covered the basics in this chapter. Finally, we covered methods to prevent SQLi. In the next chapter, we are going to exploit cross-site scripting vulnerabilities...