Update for 28-02-22 16:00

tech/databases.wiki

@@ -6,7 +6,6 @@ network, with caching and other optimizations.
 == Database Design Principle ==
 
 
-
 == SQL ==
 
 See [[../lang/sql]]

tech/security.wiki

@@ -53,6 +53,8 @@ Hiding information
 Try setting the HTTP `Host` header value to `internal-ip:80` where internal ip
 is the ip address of a device inside of the target network
 
+* [[sqli]]
+
 
 
 

tech/sqli.wiki

@@ -0,0 +1,9 @@
+= SQLI =
+
+SQLI or SQL injection is a type of attack where sql is placed into a field in
+an application, as is directly passed to a DBMS.
+
+An attack typically works by prematurely terminating a text string and
+appending a new command. Because the inserted command may have additional
+strings appended to it before it is executed, SQLI attack string generally end
+with a comment or `--`.