(.*)
Regexify
HomeSQL Injection Detectors

SQL Injection Detectors

Identify malicious SQL patterns and payloads.

21 Tools Available

Union Based

Detects UNION attacks.

/UNION\s+SELECT/

Error Based

Detects db errors.

/(syntax|error|warning|mysql)/

Comment Dash

Detects SQL comments.

/--/

Comment Hash

Detects SQL hash comments.

/#/

Tautology

Detects 1=1 bypass.

/OR\s+1=1/

Drop Table

Detects destructive drop.

/DROP\s+TABLE/

Insert Into

Detects unauthorized insert.

/INSERT\s+INTO/

Delete From

Detects delete commands.

/DELETE\s+FROM/

Update Set

Detects update attacks.

/UPDATE\s+.*\s+SET/

Exec Command

Detects execution attempts.

/EXEC\(/

Shutdown

Detects shutdown commands.

/SHUTDOWN/

Sleep/Benchmark

Detects timing attacks.

/(SLEEP|BENCHMARK)\(/

Version Check

Detects version fingerprinting.

/@@VERSION/

Hex Payload

Detects hex encoded payloads.

/0x[0-9a-fA-F]+/

System Table

Detects schema probing.

/information_schema/

Concatenation

Detects string concat.

/CONCAT\(/

Where Clause

Detects forced true conditions.

/WHERE\s+[0-9]+=[0-9]+/

Group By

Detects grouping injection.

/GROUP\s+BY/

Having Clause

Detects having injection.

/HAVING/

XSS in SQL

Detects script tags in DB input.

/<script>/

NoSQL Injection

Detects NoSQL injection patterns.

/[$](ne|gt|lt|gte|lte)/