SQLi Workbook was created to provide a workspace for students attending RailsConf 2022. As attendees learned about how ActiveRecord methods were implemented differently, they had the ability to use this workbook to test different malicious strings, and after submission, see the resulting SQL string, along with the output from the system.
The concept was borrowed from Rails SQLi, and but implemented differently to account for many developers needing to work in the same running application (hence mechanisms like new sessions creating new databases).
If you are interested in a course like this for your own company or group, contact Meristem Infosec.
This code is not available for commercial use, but you are welcome to try it out for your own education or for small group instruction.