How To Check Website for SQL Injection Vulnerability

One of the most common technique of Hacking which have gained popularity is SQL Injection. It is a technique in which we check a website for a vulnerability which can be exploited to access, retrieve or change the contend of the database easily.

The websites which are most likely to be vulnerable to SQL injection are the websites which have extra parameter passed to it.

Eg: www.mysite.com?id=30
www.mysite2.com?id=30&no=343

If there is no proper handling of the data, passed through URL, these sites become vulnerable and can be exploited.

You can use Google Dork to find such websites over internet

event.php?id= site:.com

In the above line we are telling google to find all the .com websites which have event.php page in it and id= has been passed as the parameter