README.md
March 14, 2026 ยท View on GitHub
๐๏ธ MSSQL Pentest Cheatsheet
A practical Microsoft SQL Server penetration testing cheat sheet designed for penetration testers, red teamers, and cybersecurity learners to understand how to enumerate, exploit, and abuse misconfigured MSSQL databases during security assessments.
๐ Connect With Us
๐ต Telegram โ Join Channel
โซ Twitter/X โ Follow Us
๐ฃ Discord โ Join Server
๐ผ LinkedIn โ Follow HackingArticles
๐ Training Program
๐ Join Our Cybersecurity Training Program
Hands-on training in Penetration Testing, Red Teaming, and Cybersecurity.
๐๏ธ MSSQL for Pentesters
| # | Topic | Description | Article |
|---|---|---|---|
| 1 | ๐ Stored Procedures Persistence | Maintain persistence on MSSQL servers using stored procedures | Read Article |
| 2 | ๐ Abusing Linked Database | Exploit linked database configurations to pivot across MSSQL servers | Read Article |
| 3 | โ๏ธ Abusing Trustworthy | Abuse the TRUSTWORTHY database property to escalate privileges | Read Article |
| 4 | ๐ง Command Execution with External Scripts | Execute system commands via MSSQL external scripting features | Read Article |
| 5 | ๐ญ Impersonate | Abuse impersonation privileges to escalate database access | Read Article |
| 6 | ๐ Metasploit | Exploit MSSQL services using Metasploit modules | Read Article |
| 7 | ๐งฉ Command Execution with CLR Assembly | Execute arbitrary code through custom CLR assemblies | Read Article |
| 8 | โก Command Execution with OLE Automation | Execute OS commands using OLE Automation procedures | Read Article |
| 9 | ๐ Discovery | Discover MSSQL services and configurations during reconnaissance | Read Article |
| 10 | ๐ป Command Execution with xp_cmdshell | Execute operating system commands via xp_cmdshell | Read Article |
| 11 | ๐ก MSSQL Enumeration with Nmap | Discover and enumerate MSSQL services using Nmap scripts | Read Article |
| 12 | ๐ Hashing | Extract and analyze password hashes stored in MSSQL | Read Article |
| 13 | ๐ ๏ธ Extended Stored Procedures | Execute commands using extended stored procedures | Read Article |
| 14 | ๐ Extracting Juicy Information | Extract sensitive information from MSSQL databases | Read Article |
| 15 | ๐งช MSSQL Lab Setup | Create a lab environment to practice MSSQL penetration testing | Read Article |