## Apprentice Level - βœ… [[1. SQL injection vulnerability in WHERE clause allowing retrieval of hidden data]] - βœ… [[2. SQL injection vulnerability allowing login bypass]] ## Practitioner Level - βœ… [[3. SQL injection attack, querying the database type and version on Oracle]] - βœ… [[4. SQL injection attack, querying the database type and version on MySQL and Microsoft]] - βœ… [[5. SQL injection attack, listing the database contents on non-Oracle databases]] - βœ… [[6. SQL injection attack, listing the database contents on Oracle]] - βœ… [[7. SQL injection UNION attack, determining the number of columns returned by the query]] - βœ… [[8. SQL injection UNION attack, finding a column containing text]] - βœ… [[9. SQL injection UNION attack, retrieving data from other tables]] - βœ… [[10. SQL injection UNION attack, retrieving multiple values in a single column]] - ❌ [[11. Blind SQL injection with conditional responses]] - βœ… [[12. Blind SQL injection with conditional errors]] - βœ… [[13. Visible error-based SQL injection]] - βœ… [[14. Blind SQL injection with time delays]] - βœ… [[15. Blind SQL injection with time delays and information retrieval]] - βœ… [[16. Blind SQL injection with out-of-band interaction]] - βœ… [[17. Blind SQL injection with out-of-band data exfiltration]] - βœ… [[18. SQL injection with filter bypass via XML encoding]]