About

This site is for pentesters and bounty hunters to push their SQLi approaches to the next level. It offers difficult and realistic SQLi challenges found in the wild. I started this site because most SQLi challenges offer basic coverage of techniques, and hardly reflect real cases. Listed below are some of the features that this platform offers:

Beginner to Advanced SQLi challenges

WAF Implementations

Multiple and obscure databases used - not just MySQL

Challenge randomisation - start a random challenge forcing you to go through your own methodology

Links to reports the challenge has been based on - challenges are tied to real scenarios

Methodology approaches - a big picture view, not just an atomic lens

... and more features coming