SQL Injection Project
Project type: Coding Project
Date: 26 November 2025
Location: Baltimore, Maryland
This project explored SQL Injection attacks by developing both vulnerable and secure database applications to demonstrate how improper handling of user input can compromise authentication systems. The objective was to understand common injection techniques while implementing industry-standard defenses against them.
I created intentionally vulnerable login and search applications that accepted unsanitized SQL input, allowing authentication bypass and unauthorized database access through crafted SQL Injection payloads. I then refactored the applications to use parameterized queries (prepared statements), eliminating injection vulnerabilities while preserving application functionality.
Through this project, I gained practical experience in secure database programming, input validation, authentication security, and defensive coding practices. It reinforced the importance of separating user input from executable SQL and demonstrated how secure query design protects applications from one of the most common web security vulnerabilities.
Technologies Used
Python
SQLite
SQL
Prepared Statements
Parameterized Queries
SQL Injection Testing
Secure Authentication
Input Validation
What I Learned
Identifying and exploiting SQL Injection vulnerabilities in controlled environments.
Implementing prepared statements to eliminate SQL Injection attacks.
Applying secure coding principles for authentication and database access.
Understanding how malicious SQL payloads manipulate database queries.
Comparing vulnerable and secure implementations to evaluate application security.
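The vulnerable-versus-parameterized comparison described above can be written as a small regression harness. This is an added example, not the project's own code; the table layout, function names and sample accounts are assumptions constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory DB with constructed sample accounts (plaintext passwords only
    to keep the focus on query construction; real code stores salted hashes)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "correct-horse"), ("o'brien", "battery-staple")])
    return db

def login_vulnerable(db, username, password):
    # Input is spliced into the SQL text, so quotes in it change the statement.
    sql = (f"SELECT 1 FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    return db.execute(sql).fetchone() is not None

def login_safe(db, username, password):
    # Placeholders send the values separately; they are never parsed as SQL.
    sql = "SELECT 1 FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None

# Constructed regression cases: (username, password, should_authenticate)
CASES = [
    ("alice", "correct-horse", True),      # valid credentials
    ("alice", "wrong", False),             # wrong password
    ("alice' --", "wrong", False),         # comment truncates the password check
    ("alice", "' OR '1'='1", False),       # tautology in the password field
    ("o'brien", "battery-staple", True),   # legitimate apostrophe in a name
]

def run_cases(login):
    """Return one result per case: 'ok', 'WRONG' (bad auth decision) or 'error'."""
    db = make_db()
    results = []
    for username, password, expected in CASES:
        try:
            results.append("ok" if login(db, username, password) == expected else "WRONG")
        except sqlite3.Error:
            results.append("error")  # malformed SQL produced by string splicing
    return results

if __name__ == "__main__":
    print("vulnerable:", run_cases(login_vulnerable))
    print("safe:      ", run_cases(login_safe))
```

The last case shows that string-built queries also break on ordinary input containing an apostrophe, so parameterization fixes a correctness problem as well as the security one.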











