Tag Archive | "sql-injection"


20 November 2007 | 6,363 views

sqlninja 0.2.1-r1 – SQL Injection Tool for MS-SQL Released for Download

Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process [...]

Continue Reading


23 October 2007 | 4,380 views

CORE GRASP – PHP Web Application Protection Software

CORE GRASP for PHP is a web-application protection software aimed at detecting and blocking injection vulnerabilities and privacy violations. As mentioned during its presentation at Black Hat USA 2007, GRASP is being released as open source under the Apache 2.0 license. The present implementation protects PHP 5.2.3 against SQL-injection attacks for the MySQL engine, it [...]

Continue Reading


05 October 2007 | 22,341 views

Official release of SQL Power Injector 1.2 – Download Now!

SQL Power Injector is a graphical application created in .NET 1.1 that helps the penetrating tester to inject SQL commands on a web page. For now it is SQL Server, Oracle and MySQL compliant, but it is possible to use it with any existing DBMS when using the inline injection (Normal mode). Moreover this application [...]

Continue Reading


22 August 2007 | 10,699 views

w3af – Web Application Attack and Audit Framework

A pretty cool tool was released a while back called w3af ( Web Application Attack and Audit Framework ), a fully automated auditing and exploiting framework for the web. This framework has been in development for almost a year and has the following features: Audit SQL injection detection XSS detection SSI detection Local file include [...]

Continue Reading


10 August 2007 | 9,665 views

mssql-hax0r v0.9 – Multi-purpose MS-SQL injection script

mssql-hax0r v0.9 is a Multi-purpose MS-SQL injection attack tool for advanced Microsoft SQL Server exploitation. Three modes of operation are currently available: info (Information Gathering), dump (Record Dump), and brute (Brute Force). You may need to tweak the code a bit to make it fit your needs (i.e. modifying the injection string and/or the language [...]

Continue Reading


13 July 2007 | 18,049 views

FG-Injector – SQL Injection & Proxy Tool

FG-Injector Framework is a set of tools designed to help find SQL injection vulnerabilities in web applications, and help the analyst assess their severity. It includes a powerful proxy feature for intercepting and modifying HTTP requests, and an inference engine for automating SQL injection exploitation. Often web developers think that by disabling error messages in [...]

Continue Reading


09 July 2007 | 10,347 views

sqlget v1.0.0 – Blind SQL Injection Tool in PERL

sqlget is a blind SQL injection tool developed in Perl, it lets you get databases schemas and tables rows. Using a single GET/POST you can access quietly the database structure and using a single GET/POST you can dump every table row to a csv-like file. Databases supported: IBM DB2 Microsoft SQL Server Oracle Postgres Mysql [...]

Continue Reading


22 June 2007 | 12,880 views

sqlninja 0.1.2 Released for Download – SQL Injection Tool

sqlninja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of [...]

Continue Reading


08 June 2007 | 24,988 views

Priamos Project – SQL Injector and Scanner

PRIAMOS is a powerful SQL Injector & Scanner You can search for SQL Injection vulnerabilities and inject vulnerable string to get all Database names, Tables and Column data with the injector module. You should only use PRIAMOS to test the security vulnerabilities of your own web applications (obviously). The first release of PRIAMOS contain only [...]

Continue Reading


05 June 2007 | 38,378 views

SQLBrute – SQL Injection Brute Force Tool

SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities. It supports time based and error based exploit types on Microsoft SQL Server, and error based exploit on Oracle. It is written in Python, uses multi-threading, and doesn’t require non-standard libraries (there is some code in there for pycurl, [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·