This article primarily shares an experience in exploiting SQL injection vulnerabilities in mobile app applications, focusing on the current environment and the various ways SQL injection can still be exploited along with its principles. It then goes on to share my approach to SQL injection exploitation and some methods to bypass Web Application Firewalls (WAF) for SQL injection through a practical exploitation process.

● SQL Injection Principle
● Vulnerability Discovery Process
● Mitigation Strategies for SQL Injection

Click here to know details: Mobile Application Bounty Practice: SQL Injection Principles, Vulnerability Discovery and Mitigation Strategies