jSQL is an automatic SQL Injection tool written in Java, it’s lightweight and supports 23 kinds of database.
It is free, open source and cross-platform (Windows, Linux, Mac OS X) and is easily available in Kali, Pentest Box, Parrot Security OS, ArchStrike or BlackArch Linux.
Features of jSQL Java SQL Injection Tool
- Automatic injection of 23 kinds of databases:
- Access
- CockroachDB
- CUBRID
- DB2
- Derby
- Firebird
- H2
- Hana
- HSQLDB
- Informix
- Ingres
- MaxDB
- Mckoi
- MySQL{MariaDb}
- Neo4j
- NuoDB
- Oracle
- PostgreSQL
- SQLite
- MS SQL Server
- Sybase
- Teradata
- Vertica
- Multiple injection strategies: Normal, Error, Blind and Time
- SQL Engine to study and optimize SQL expressions
- Injection of multiple targets
- Search for administration pages
- Creation and visualisation of Web shell and SQL shell
- Read and write files on host using injection
- Bruteforce of password’s hash
- Code and decode a string
Installation of jSQL Java SQL Injection Tool
Install Java 8, then download the latest release of jSQL Injection and double-click on the file jsql-injection-v0.79.jar to launch the software. You can also type java -jar jsql-injection-v0.79.jar in your terminal to start the program. If you are using Kali Linux then get the latest release using commands apt update then apt full-upgrade.
Future Roadmap for jSQL SQL Injection Java
- Netezza Support
- Test coverage with Jacoco
- Integration test with Docker and JPA Hibernate Jooq
- Maven
- Core swing CLI
- Full Path Disclosure
- DIOS RoutedQuery OOB UpdateInsertDelete
- Bruteforce HTTP Auth using NTLM
- Arabic translation
- Command-line interface
- Dictionary attack
- WAF Detection
- Program self-updater
You can download jSQL Java SQL Injection Tool here:
Or read more here.