[BSQLI] Dumpea bases de datos en segundos.
Cuando empeze a aprender sobre vulnerabalidades, una de las que mas me llamo la atencion fue las inyecciones SQLI. Aprendi desde lo mas basico, inyecciones.. hasta lo mas avanzado, WAF bypass, metodos de automatizacion etc. En mi cabeza queria crear una herramienta que me permitiera dumpear bases de datos de la forma mas rapida posible.
Por ende, se me ocurrio crear esta herramienta, que es una version modifica de la tool original hecha por LostSec.
En que consiste la BSQLI?
La BSQLI permite al usuario probar inyeccion SQLI time based de forma automatizada, en requests de tipo GET, con el fin de probar si el sitio web es vulnerable a SQLI o no.
Obviamente no garantiza una deteccion al 100%, ya que las vulnerabilidades SQLI tambien se pueden encontrar en requests de tipo POST, pero es una herramienta bastante interesante y eficaz para su fin.
2. Decide on how you’ll make your store
The three common ways are:
- Using a website builder that supports ecommerce (Squarespace is the best)
- Using an ecommerce website builder (Shopify is the best)
- Using a CMS plugin (like WooCommerce)
For most small to mid-sized ecommerce stores, we recommend Squarespace for its beautiful templates, drag-and-drop builder, and ease of use.
On the other hand, Shopify is slightly complex but gives you advanced functionalities through the Shopify app store with 6300+ 3rd party apps (for example, Oberlo for dropshipping). Overall, it’s great for stores of all sizes.
As for WooCommerce, it’s less beginner-friendly than the other two, but a good choice if you want to have other content (like video or photo galleries) alongside ecommerce and are already familiar with WordPress.
3. Get the domain name for your store
Once you know the scope of your store, list down a few domain names in priority order. Then, search for the availability of each domain from top-to-bottom.
Register as soon as you find one available. Ideally, register from the ecommerce platform you choose — both Squarespace and Shopify’s plans include free domain registration.
Notice how the new definition doesn’t mention “online personal reflections” or “online journal.”
That’s because blogs have evolved from being a place for personal writings only friends/family read.
Nowadays, almost all business websites have a blog section, and they surely aren’t publishing “personal reflections.” Plus, the internet is filled with “niche blogs” by subject-matter experts — like Site Builder Report by people heavily invested in critiquing websites and website builders — and their end goals are also to attract traffic, drive revenue, etc.
Yes, many people still maintain a personal blog that fits the old definition. But today, most blogs aim to achieve business goals like improving search engine rankings to attract visitors, nurturing existing community, showcasing oneself/business as a subject authority to gain potential customers’ trust, conversions, etc.
References
- (1) https://research.checkpoint.com/2023/from-hidden-bee-to-rhadamanthys-the-evolution-of-custom-executable-formats/
- (2) https://research.checkpoint.com/2023/rhadamanthys-v0-5-0-a-deep-dive-into-the-stealers-components/
- (3) https://research.checkpoint.com/2024/massive-phishing-campaign-deploys-latest-rhadamanthys-version/
- (4) https://go.recordedfuture.com/hubfs/reports/mtp-2024-0926.pdf
- (5) https://outpost24.com/blog/lummac2-anti-sandbox-technique-trigonometry-human-detection/
BLOGS AND PUBLICATIONS
October 5,2025
The Danger in Clicking ‘OK’
October 5,2025
The Danger in Clicking ‘OK’
October 5,2025
2024 Security Report: Podcast Edition
October 5,2025
2024 Security Report: Podcast Edition
October 5,2025
The Danger in Clicking ‘OK’
October 5,2025
Iran’s Most Advanced Cyber Attack Yet
About Us
Publications
© 2025 TheHackerville. All rights reserved.