Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.
It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system.
The power of Havij that makes it different from similar tools is its injection methods. The success rate is more than 95% at injection vulnerable targets using Havij.
The user friendly GUI (Graphical User Interface) of Havij and automated settings and detections makes it easy to use for everyone even amateur users.
There is a free version available and also a more fully-featured commercial edition available here.
You can download Havij v1.12 Free Edition here:
Or read more here.
- ODAT (Oracle Database Attacking Tool) – Test Oracle Database Security
- Navy Sys Admin Hacks Into Databases From Aircraft Carrier
- aidSQL – PHP Application For SQL Injection Detection & Exploitation
- BobCat SQL Injection Tool based on Data Thief
- BSQL Hacker – Automated SQL Injection Framework
- SPIKE Proxy – Application Level Security Assessment
Most Read in Database Hacking:
- Pangolin – Automatic SQL Injection Tool - 73,758 views
- bsqlbf 1.1 – Blind SQL Injection Tool - 53,886 views
- Absinthe Blind SQL Injection Tool/Software - 39,038 views