Archive | Database Hacking

Advertisements


18 December 2008 | 6,587 views

sqlmap 0.6.3 Released – Automatic SQL Injection Tool

sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back end database management system […]

Continue Reading


12 December 2008 | 6,605 views

sapyto v0.98 Released – SAP Penetration Testing Framework Tool

sapyto is the first SAP Penetration Testing Framework, sapyto provides support to information security professionals in SAP platform discovery, investigation and exploitation activities. sapyto is periodically updated with the outcome of the deep research on the various security aspects in SAP systems. Although sapyto is a versatile and powerful tool, it is of major importance […]

Continue Reading


05 November 2008 | 11,836 views

MultiInjector – Automated Stealth SQL Injection Tool

MultiInjector claims to the first configurable automatic website defacement software, I’m not sure if that’s a good thing – or a bad thing. But well here it is anyway. Features Receives a list of URLs as input Recognizes the parameterized URLs from the list Fuzzes all URL parameters to concatenate the desired payload once an […]

Continue Reading


29 October 2008 | 7,939 views

Google Hacking Back in The News – Google Takes Action

Google hacking was the big thing back in 2004, I actually did a talk on it in Hack in the Box 2004, it’s resurfaced again as a serious threat with Google noticing more queries relating to things like social security numbers. The Google Hacking Database has been active for years now and there are hundreds […]

Continue Reading


28 October 2008 | 10,963 views

sqlmap 0.6.1 released – Automatic SQL Injection Tool

sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, […]

Continue Reading


25 September 2008 | 36,460 views

BSQL Hacker – Automated SQL Injection Framework

BSQL Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities in virtually any database. It ships with Automated Attack modules which allows the dumping of whole databases for the following DBMS: MS-SQL Server ORACLE MySQL (experimental) Attack Templates for: MS Access MySQL ORACLE PostgreSQL MS-SQL Server Also you can […]

Continue Reading


27 June 2008 | 24,984 views

Bsqlbf V2 – Blind SQL Injection Brute Forcer Tool

There are quite a lot of SQL Injection Tools available and now there is one more to add to the stable for testing – Bsqlbf V2, which is a Blind SQL Injection Brute Forcer. The original tool (bsqlbfv1.2-th.pl) was intended to exploit blind sql injection against a mysql backend database, this new version supports blind […]

Continue Reading


30 May 2008 | 19,334 views

sqlninja 0.2.3 released – Advanced Automated SQL Injection Tool for MS-SQL

We’ve been folowing the development of sqlninja since the early days, it’s growing into a well matured and more polished tool with advanced features. Sqlninja is a tool written in PERL to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a […]

Continue Reading


15 April 2008 | 19,810 views

sqlninja 0.2.2 Released for Download – SQL Injection Tool

Sqlninja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of […]

Continue Reading


17 March 2008 | 10,560 views

Inguma 0.0.7.2 Released for Download – Penetration Testing Toolkit

For those that don’t know, Inguma is an open source penetration testing and vulnerability research toolkit written completely in Python. The environment is mainly oriented to attack Oracle related systems but, anyway, it can be used against any other kind of systems. It’s becoming a mature and useful package! I’m glad to see continued developing […]

Continue Reading


Advertisements