sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the …
Category: SQL Injunction detection tools
Permanent link to this article: https://www.darknessgate.com/2015/05/13/sqlmap-2/
sqlmap
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the …
Permanent link to this article: https://www.darknessgate.com/2012/07/24/sqlmap/
fatcat-sql-injector
This is an automatic SQL Injection tool called as FatCat , Use of FatCat for testing your web application and exploit your application more deeper. FatCat Features that help you to extract the Database information, Table information, and Column information from web application. Only If it is vulnerable to SQL Injection Vulnerability. Download FatCat
Permanent link to this article: https://www.darknessgate.com/2012/07/24/fatcat-sql-injector/
The Mole
The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. Features Support for injections using Mysql, SQL Server, Postgres and Oracle databases. Command …
Permanent link to this article: https://www.darknessgate.com/2012/07/24/the-mole/
MySqloit
MySqloit is a SQL Injection takeover tool focused on LAMP (Linux, Apache,MySql,PHP) and WAMP (Windows, Apache,MySql,PHP) platforms. It has an ability to upload and execute Metasploit shellcodes through the MySql SQL Injection vulnerability. Platform supported 1) Linux Key Features 1) SQL Injection detection using time based injection method 2) Database fingerprint 3) Web server directory …
Permanent link to this article: https://www.darknessgate.com/2012/07/23/mysqloit/
BSQL (Blind SQL) Hacker
BSQL (Blind SQL) Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities virtually in any database. BSQL Hacker aims for experienced users as well as beginners who want to automate SQL Injections (especially Blind SQL Injections). Key Features Easy Mode SQL Injection Wizard Automated Attack Support (database dump) ORACLE …
Permanent link to this article: https://www.darknessgate.com/2012/07/23/bsql-blind-sql-hacker/
Safe3SI
Safe3SI is one of the most powerful and easy usage penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, …
Permanent link to this article: https://www.darknessgate.com/2012/07/23/safe3si/
SQL Ninja
Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process …
Permanent link to this article: https://www.darknessgate.com/2012/07/23/sql-ninja/
Havij
Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the …
Permanent link to this article: https://www.darknessgate.com/2012/07/23/havij/
SQL injection digger
SQL injection digger is a command line program that looks for SQL injections and common errors in web sites. Current version can perform the following operations: Look for SQL injections and common errors in web site URLs found by performing a google search. Look for SQL injections and common errors in a given URL or …
Permanent link to this article: https://www.darknessgate.com/2012/07/23/sql-injection-digger/
SQLIer
SQLIer takes an SQL Injection vulnerable URL and attempts to determine all the necessary information to build and exploit an SQL Injection hole by itself, requiring no user interaction at all (unless it can’t guess the table/field names correctly). By doing so, SQLIer can build a UNION SELECT query designed to brute force passwords out …
Permanent link to this article: https://www.darknessgate.com/2012/07/23/sqlier/
- 1
- 2