SQL Injection SQL injection (SQLi) is a technique that allows an attacker to execute SQL statements in an entry field. This technique was used with great success by the Lulzsec hackers.