This is a structured guide for finding and exploiting SQL injection vulnerabilities in web applications during authorized penetration tests. It walks through detection using single quotes and boolean logic, then covers UNION-based extraction, error-based exploitation, blind injection with time delays, and authentication bypass techniques. You also get filter evasion methods for when applications try to block special characters or keywords. The workflow is methodical and includes database-specific payloads for MySQL, MSSQL, PostgreSQL, and Oracle. It's useful for security assessors who need systematic coverage of SQLi attack vectors, though you'll want your own judgment on scope limits since the documentation cuts off mid-sentence in the constraints section. Assumes you already understand SQL syntax and HTTP basics.
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill sql-injection-testing