Share
## https://sploitus.com/exploit?id=44C26253-2F98-500B-91D3-3C4B7B2A5583
# πŸ•ΈοΈ Automated SQLi Vulnerability Scanner & Lab

## πŸ“Œ Project Overview
This project is an educational Cybersecurity lab focusing on **Web Application Security (AppSec)** and **Offensive Security**. 
It contains two main components:
1. **A Vulnerable Web Server (`vulnerable_server.py`):** Built with Python Flask and SQLite, intentionally vulnerable to SQL Injection.
2. **An SQLi Scanner (`v1_sqli_scanner.py`):** An automated Python script that sends malicious payloads to detect Error-Based SQL Injections.

## 🧠 Security Concepts Demonstrated
* **Error-Based SQL Injection:** Exploiting improper input validation.
* **Information Leakage:** How exposing backend database errors helps attackers.
* **Vulnerability Scanning:** Automating payload delivery and response parsing using the `requests` library.
* **Remediation:** Highlighting the need for **Prepared Statements** to prevent such attacks.
## πŸ’» How to Run the Lab

You will need two terminal windows to run this lab locally.
## How to Run the Lab

You will need two terminal windows to run this lab locally.

### Terminal 1: Start the Vulnerable Target
```bash
python vulnerable_server.py