jSQL – Automatic SQL Injection Tool In Java

Use Netsparker


jSQL is an automatic SQL Injection tool written in Java, it’s lightweight and supports 23 kinds of database.

jSQL - Automatic SQL Injection Tool In Java


It is free, open source and cross-platform (Windows, Linux, Mac OS X) and is easily available in Kali, Pentest Box, Parrot Security OS, ArchStrike or BlackArch Linux.

Features of jSQL Java SQL Injection Tool

  • Automatic injection of 23 kinds of databases:
    • Access
    • CockroachDB
    • CUBRID
    • DB2
    • Derby
    • Firebird
    • H2
    • Hana
    • HSQLDB
    • Informix
    • Ingres
    • MaxDB
    • Mckoi
    • MySQL{MariaDb}
    • Neo4j
    • NuoDB
    • Oracle
    • PostgreSQL
    • SQLite
    • MS SQL Server
    • Sybase
    • Teradata
    • Vertica
  • Multiple injection strategies: Normal, Error, Blind and Time
  • SQL Engine to study and optimize SQL expressions
  • Injection of multiple targets
  • Search for administration pages
  • Creation and visualisation of Web shell and SQL shell
  • Read and write files on host using injection
  • Bruteforce of password’s hash
  • Code and decode a string

Installation of jSQL Java SQL Injection Tool

Install Java 8, then download the latest release of jSQL Injection and double-click on the file jsql-injection-v0.79.jar to launch the software. You can also type java -jar jsql-injection-v0.79.jar in your terminal to start the program. If you are using Kali Linux then get the latest release using commands apt update then apt full-upgrade.


Future Roadmap for jSQL SQL Injection Java

  • Netezza Support
  • Test coverage with Jacoco
  • Integration test with Docker and JPA Hibernate Jooq
  • Maven
  • Core swing CLI
  • Full Path Disclosure
  • DIOS RoutedQuery OOB UpdateInsertDelete
  • Bruteforce HTTP Auth using NTLM
  • Arabic translation
  • Command-line interface
  • Dictionary attack
  • WAF Detection
  • Program self-updater

You can download jSQL Java SQL Injection Tool here:

jsql-injection-v0.81.jar

Or read more here.

Posted in: Database Hacking

, , , , ,


Latest Posts:


HTTP Security Considerations - An Introduction To HTTP Basics HTTP Security Considerations – An Introduction To HTTP Basics
HTTP is ubiquitous now with pretty much everything being powered by an API, a web application or some kind of cloud-based HTTP driven infrastructure. With that HTTP Security becomes paramount and to secure HTTP you have to understand it.
Cangibrina - Admin Dashboard Finder Tool Cangibrina – Admin Dashboard Finder Tool
Cangibrina is a Python-based multi platform admin dashboard finder tool which aims to obtain the location of website dashboards by using brute-force, wordlists etc.
Enumall - Subdomain Discovery Using Recon-ng & AltDNS Enumall – Subdomain Discovery Using Recon-ng & AltDNS
Enumall is a Python-based tool that helps you do subdomain discovery using only one command by combining the abilities of Recon-ng and AltDNS.
RidRelay - SMB Relay Attack For Username Enumeration RidRelay – SMB Relay Attack For Username Enumeration
RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges.
NetBScanner - NetBIOS Network Scanner NetBScanner – NetBIOS Network Scanner
NetBScanner is a NetBIOS network scanner tool that scans all computers in the IP addresses range you choose, using the NetBIOS protocol.
Metta - Information Security Adversarial Simulation Tool Metta – Information Security Adversarial Simulation Tool
Metta is an information security preparedness tool in Python to help with adversarial simulation and assess security defense preparation and alerts.


Comments are closed.