sqlmap is an automatic SQL injection tool entirely developed in Python. It is capable to perform an extensive database management system back-end fingerprint, retrieve remote DBMS databases, usernames, tables, columns, enumerate entire DBMS, read system files and much more taking advantage of web application programming security flaws that lead to SQL injection vulnerabilities. Features Full […]
Database Hacking
sqlninja 0.2.1-r1 – SQL Injection Tool for MS-SQL Released for Download
[ad] Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the […]
mssql-hax0r v0.9 – Multi-purpose MS-SQL injection script
[ad] mssql-hax0r v0.9 is a Multi-purpose MS-SQL injection attack tool for advanced Microsoft SQL Server exploitation. Three modes of operation are currently available: info (Information Gathering), dump (Record Dump), and brute (Brute Force). You may need to tweak the code a bit to make it fit your needs (i.e. modifying the injection string and/or the […]
Inguma – Penetration Testing Toolkit
[ad] Inguma is a penetration testing toolkit entirely written in python. The framework includes modules to discover hosts, gather information about, fuzz targets, brute force user names and passwords and, of course, exploits for many products. Inguma the word is the name of a Basque’s mythological spirit who kills people while sleeping and, also, the […]
The Soft Underbelly? – Database Security
[ad] It not surprising SQL Injection and database hacking are getting more frequent as people ramp up perimeter security more often than not they forget about interior security, software application security and most of all database security. Of the 2007 total corporate IT budget, respondents said they have allocated 34 percent for database infrastructure and […]