In this kind of SQL injection, it is possible to analyze using the same channel used to send the statement. This means that the response generated by the database management system is received in the application that has been analyzed. Inside in-band SQL injections, there are two types of SQL injection:

• Error-based SQL injections: This is the most common type of SQL injection. These SQL injections be exploited using the errors returned by the database server directly in the HTTP response.
• Union-based SQL injections: In this type of SQL injection, we will be using a UNION statement to get information from the database using the HTTP response.