SQL-Injection Simulation

Hello everyone,

I’m working on my Bachelor Thesis and I would like to know what the easiest way is to simulate a SQL-Injection in InsightIDR attack. I installed a webserver on my virtual Machine and tried to attack it from another VM with curl and wget. The problem is, the Platform doesn’t recognise it as a SQL-Injection, ergo I don’t get any Alerts, just Apache-Logs in that I find in Log Search. There is also an agent installed on my VM.

Thank you

Hi there,

interesting idea. How to trigger an alert via “logger” in Linux or “Write-EventLog” with powershell. Does anybody have some fitting log entries?

Thanks in advance,