# SQL Injection

- [¿SQL Injection?](/web/sql-injection/sql-injection.md)
- [Lab 1: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data](/web/sql-injection/lab-1-sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data.md): https://portswigger.net/web-security/sql-injection/lab-retrieve-hidden-data
- [Lab 2: SQL injection vulnerability allowing login bypass](/web/sql-injection/lab-2-sql-injection-vulnerability-allowing-login-bypass.md): https://portswigger.net/web-security/sql-injection/lab-login-bypass
- [Lab 3: SQL injection attack, querying the database type and version on Oracle](/web/sql-injection/lab-3-sql-injection-attack-querying-the-database-type-and-version-on-oracle.md): https://portswigger.net/web-security/sql-injection/examining-the-database/lab-querying-database-version-oracle
- [Lab 4: SQL injection attack, querying the database type and version on MySQL and Microsoft](/web/sql-injection/lab-4-sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft.md): https://portswigger.net/web-security/sql-injection/examining-the-database/lab-querying-database-version-mysql-microsoft
- [Lab 5: SQL injection attack, listing the database contents on non-Oracle databases](/web/sql-injection/lab-5-sql-injection-attack-listing-the-database-contents-on-non-oracle-databases.md): https://portswigger.net/web-security/sql-injection/examining-the-database/lab-listing-database-contents-non-oracle
- [Lab 6: SQL injection attack, listing the database contents on Oracle](/web/sql-injection/lab-6-sql-injection-attack-listing-the-database-contents-on-oracle.md): https://portswigger.net/web-security/sql-injection/examining-the-database/lab-listing-database-contents-oracle