
SQLI Enumeration

Vulnerability Management
Vulnerability Assessment
Proactive Security
Technical

Overview

Find SQLi on your websites

This scenario leverages the Nuclei injector 🧪 to perform SQL Injection (SQLi) assessments against web applications. It is designed to efficiently identify potential SQL injection vulnerabilities using automated enumeration techniques.

🎯 Target Configuration Options

The scenario supports three types of targets:

🧩 Asset / Asset Group

When an asset or an asset group is specified, any discovered SQL injection or other vulnerabilities will be automatically associated with the corresponding asset.

✅ This provides better visibility, correlation, and tracking of vulnerabilities within the asset inventory.

✍️ Manual Target

A manual target allows users to directly specify a URL without creating an asset beforehand. Example: http://testphp.vulnweb.com/artists.php?artist=2

🔍 The advantage of this approach is that the scan focuses on enumerating SQL injection vulnerabilities on a specific path and parameter. If a vulnerability is detected, it will be reported and surfaced accordingly.

🛠️ Detection Methodology

This scenario is based on Nuclei templates 📄 and currently performs:

⚠️ Error-based SQL Injection enumeration

⏱️ Time-based (blind) SQL Injection enumeration

The templates automatically test input parameters and analyze server responses to detect SQL injection behaviors.

⚙️ Customization & Extensibility

Although the scenario relies on existing Nuclei SQLi templates by default, it is fully customizable 🔧. Users can easily integrate custom Nuclei templates to adapt the assessment to specific applications or advanced testing needs.

🎯 Use Cases

This scenario is ideal for:

🔄 Automated SQLi discovery across managed assets

🎯 Targeted testing of specific URLs and parameters

🧠 Integrating findings into asset-centric vulnerability management workflows

Basic information

Filigran
Sébastien Miguel
January 20, 2026
2.0.12
30+
3