Second-year PhD student in the Computer Science Department at Stony Brook University. CTF, Maths enthusiast. A member of the Black Bauhinia (blackb6a) CTF team based in Hong Kong.
A simple demo of SQL injection. The SQL 'backend' is entirely client-side, courtesy of the wasm port of SQLite3. The syntax highlighting should help visualize which part of the query is treated as strings, code or comments.
