Do you have any SQL Injection Testing “Ammo”?

Question

When reading about SQL Injection and XSS i was wondering if you guys have a single string that could be used to identify those vulnerabilities and others.

A string that

Answer 1

http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/

Includes versions for most DBs, including Hex tricks that bypass standard escaping.

Answer 2

Honestly there are some tools that are pretty good a testing for SQL Injection, but honestly they don't fully replace manual testing and code review ideally.

To use your example there are situations where "or (1=1)" doesn't work but "or/**/ (1=1);--" does.

Sometimes tweaking certain strings will provide different results, depending on things like character encoding and general creativity. It also bears mentioning that sometimes you aren't safe from 3rd party tools in your web application as well. Never underestimate the creativity of people, especially if you have a public website.

This is a pretty good cheatsheet.

To do my testing I use Paros, it has an interesting website scanning tool that you can also run that finds some problems as well.

This question bears the repeating of this SQL Injection cartoon.

Answer 3

See the OWASP site for examples.

Answer 4

I've found some nice firefox addons that do the trick.

XSS Me

SQL Inject Me

Answer 5

https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet has lots of examples for testing SQL injection.