We’ve been following sqlmap since it first came out in Feburary 2007 and it’s been quite some time since the last update sqlmap 0.6.3 in December 2008. For those not familiar with the tool, sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection [...]
This perl script allows extraction of data from Blind SQL Injections. It accepts custom SQL queries as a command line parameter and it works for both integer and string based injections. We reported bsqlbf when it first hit the net back in April 2006 with bsqlbf v1.1, then the v2.0 update in June 2008. This [...]
Pangolin is an automatic SQL injection penetration testing tool developed by NOSEC. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management [...]
sqlsus is an open source MySQL injection and takeover tool, written in perl. Via a command line interface that mimics a mysql console, you can retrieve the database structure, inject a SQL query, download files from the web server, upload and control a backdoor, and much more… It is designed to maximize the amount of [...]
You might remember a while ago we posted about MultiInjector which claims to the first configurable automatic website defacement tool, it got quite a bit of interest and shortly after that it was updated. Anyway, good or bad I think people deserve to know what is out there. Features Receives a list of URLs as [...]
sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back end database management system [...]
MultiInjector claims to the first configurable automatic website defacement software, I’m not sure if that’s a good thing – or a bad thing. But well here it is anyway. Features Receives a list of URLs as input Recognizes the parameterized URLs from the list Fuzzes all URL parameters to concatenate the desired payload once an [...]
sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, [...]
BSQL Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities in virtually any database. It ships with Automated Attack modules which allows the dumping of whole databases for the following DBMS: MS-SQL Server ORACLE MySQL (experimental) Attack Templates for: MS Access MySQL ORACLE PostgreSQL MS-SQL Server Also you can [...]
There are quite a lot of SQL Injection Tools available and now there is one more to add to the stable for testing – Bsqlbf V2, which is a Blind SQL Injection Brute Forcer. The original tool (bsqlbfv1.2-th.pl) was intended to exploit blind sql injection against a mysql backend database, this new version supports blind [...]
© Darknet – The Darkside 2000-2012. Don't Learn to HACK - Hack to LEARN.
Posted in: 
Recent Comments