7.19.2021

PortSwigger Academy SQL injection login bypass walkthrough

This is the second of the labs for SQL Injection, the first section of the apprentice track in PortSwigger Academy.  Like the first lab, it doesn't require Burp Suite, although you can use it.  I chose not to.

The lab website is a sample store.  Click the My Account link at the top of the page.

This takes you to a login page.

In the Username box, type administrator'-- and in the password box, enter anything (the password will not get passed to the database).  That's it, you're now logged in as administrator, and the banner pops up congratulating you on completing the lab.
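
Why this input works, and what fixes it, shown as an added example that is not part of the original walkthrough or the lab's own code. It assumes the login builds its query by string concatenation in the shape `WHERE username = '...' AND password = '...'`; the table, column names, and sample password are hypothetical and constructed for the demo.

```python
import sqlite3


def make_db():
    """Constructed in-memory table standing in for the lab's user store."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    # Plaintext password only to mirror the assumed query shape;
    # a real system stores a salted password hash instead.
    db.execute("INSERT INTO users VALUES (?, ?)",
               ("administrator", "constructed-secret"))
    return db


def build_vulnerable_query(username, password):
    # Vulnerable: user input is concatenated straight into the SQL text,
    # so a quote in the input ends the string literal early.
    return ("SELECT username FROM users WHERE username = '" + username +
            "' AND password = '" + password + "'")


def login_vulnerable(db, username, password):
    row = db.execute(build_vulnerable_query(username, password)).fetchone()
    return row[0] if row else None


def login_parameterized(db, username, password):
    # Hardened: placeholders send the input as data, never as SQL text,
    # so the quote and the -- are compared as literal characters.
    row = db.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    # The resulting SQL: everything after -- is a comment, so the
    # password condition is never evaluated.
    print(build_vulnerable_query("administrator'--", "anything"))
    print("concatenated :", login_vulnerable(db, "administrator'--", "anything"))
    print("parameterized:", login_parameterized(db, "administrator'--", "anything"))
```

With the parameterized version the same input simply fails to match any username, while a correct username and password still log in.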

7.12.2021

Copperhead, Job Hunting

I'm trying to decide whether to even bother writing Copperhead.  It's supposed to run nmap -sV scans against hosts, then check exploitdb for known exploits.  The problem is, it takes a ton of text parsing and massaging to get something vague enough to search exploitdb without being too vague.  Oh, and it'd have to require the offline version of exploitdb and its tools, because I can't find a way to search exploitdb's website.

It almost seems like a solution in search of a problem.  So at the moment, it's on the back burner.

I'm also getting discouraged in my job hunt.  I'm not sure if I'm not putting myself out there well enough (too shy and stuttery, bad body language, etc.) or if my lack of experience is my problem.  I do have about 3 years of experience in security... as a sysadmin.  But because I didn't have "security" in my job title, that doesn't seem to count.  Plus that was 6 years ago.  I'm re-teaching myself everything I've forgotten about security over the years plus adding new skills, but... I don't know.  Job hunting is feeling futile at the moment.