MySQL architecture, privilege model, dangerous defaults, attack surface overview and pentest checklist.
Reference table of all MySQL attack vectors: SQLi variants, FILE abuse, UDF, auth bypass, privesc.
MySQL-specific syntax, UNION extraction, error-based functions, WAF bypass, sqlmap cheatsheet.
SUPER abuse, mysql.user manipulation, stored procedure DEFINER tricks, trigger-based escalation.
Upload malicious .so/.dll, CREATE FUNCTION sys_exec, execute OS commands, Windows and Linux paths.
LOAD_FILE for sensitive files, INTO OUTFILE for webshells, LOAD DATA LOCAL INFILE client attack.
Default creds, CVE-2012-2122 memcmp bypass, login form SQLi, hash cracking, Gopher/SSRF chain.
Boolean-based extraction, SLEEP/BENCHMARK, heavy queries, OOB via DNS, sqlmap automation.
User privileges, network binding, secure_file_priv, authentication hardening, logging and monitoring.