mysql sql database oracle sql-injection

Query level in database


Hey everyone, I was reading some books about SQL injection and the author started throwing around some terms I couldn't understand, so can you help me understand them? My question: what does "query level in the database" mean?

By the way, the author talks about sqlmap, specifically how it works, and he mentions a file named payload.xml. In this file, there is a level of the query used by sqlmap to reduce the number of queries in the SQL injection process. You can take a look at this screenshot from the book: https://i.sstatic.net/kAA6u.jpg


Solution

  • This is purely terminology for sqlmap.

    The sqlmap tool tests common vectors of SQL injection. The level of a test is intended to reflect the difficulty of detecting SQL injection from each vector.

    When you invoke the sqlmap tool to run a test, you can tell it to perform tests for additional vectors of input. This is just a way to allow you to enable more tests when you invoke the sqlmap tool.

    I skimmed the sqlmap documentation (https://github.com/sqlmapproject/sqlmap/wiki/Usage) and got the following summary:

    • Level 1: test all GET and POST parameters
    • Level 2: additionally test the Cookie HTTP header
    • Level 3: additionally test the User-Agent and Referer HTTP headers
    • Level 4:
    • Level 5: additionally test the Host HTTP header