When reading about SQL Injection and XSS i was wondering if you guys have a single string that could be used to identify those vulnerabilities and others.
A string that could be thrown into a website database to black box check if that field is safe or not. (going to do a large test on a few inhouse tools)
Rough example, wondering if you guys know of more?
"a' or '1'='1"
"center'> < script>alert('test')< /script>"
EDIT: Found a nice XSS question on SO
http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
Includes versions for most DBs, including Hex tricks that bypass standard escaping.
Honestly there are some tools that are pretty good a testing for SQL Injection, but honestly they don't fully replace manual testing and code review ideally.
To use your example there are situations where "or (1=1)" doesn't work but "or/**/ (1=1);--" does.
Sometimes tweaking certain strings will provide different results, depending on things like character encoding and general creativity. It also bears mentioning that sometimes you aren't safe from 3rd party tools in your web application as well. Never underestimate the creativity of people, especially if you have a public website.
This is a pretty good cheatsheet.
To do my testing I use Paros, it has an interesting website scanning tool that you can also run that finds some problems as well.
This question bears the repeating of this SQL Injection cartoon.
Using the free tests (sqlmap and sqlix) at http://www.hackertarget.com you will see a large number of different types of attacks in your web logs.
A good way to get some externally sample probes against your web site.