BSQL Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities in virtually any database.
It ships with Automated Attack modules which allows the dumping of whole databases for the following DBMS:
- MS-SQL Server
- MySQL (experimental)
Attack Templates for:
- MS Access
- MS-SQL Server
Also you can write your own attack template for any other database as well (see the manual for details). New attack templates and exploits for specific web application can be shared via Exploit Repository.
BSQL Hacker aims for experienced users as well as beginners who want to automate SQL Injections (especially Blind SQL Injections).
It supports :
- Blind SQL Injection (Boolean Injection)
- Full Blind SQL Injection (Time Based)
- Deep Blind SQL Injection (a new way to exploit BSQLIs, explained here)
- Error Based SQL Injection
It allows metasploit alike exploit repository to share and update exploits and attack temlpates.
You can download BSQL Hacker here:
Or read more here.
Recent in Database Hacking:
- The Mole v0.3 Released For Download – Automatic SQL Injection Exploitation Tool
- MySQL 1 Liner Hack Gives Root Access Without Password
- xSQLScanner – Database Password Cracker & Security Audit Tool For MS-SQL & MySQL
- Havij – Advanced Automated SQL Injection Tool
- FG-Injector – SQL Injection & Proxy Tool
- w3af – Web Application Attack and Audit Framework
Most Read in Database Hacking:
- Pangolin – Automatic SQL Injection Tool - 64,945 views
- bsqlbf 1.1 – Blind SQL Injection Tool - 53,246 views
- Absinthe Blind SQL Injection Tool/Software - 38,121 views