[ad] We’ve been following sqlmap since it first came out in Feburary 2007 and it’s been quite some time since the last update sqlmap 0.6.3 in December 2008. For those not familiar with the tool, sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL […]
Database Hacking
bsqlbf v2.3 Released – Blind SQL Injection Brute Forcing Tool
[ad] This perl script allows extraction of data from Blind SQL Injections. It accepts custom SQL queries as a command line parameter and it works for both integer and string based injections. We reported bsqlbf when it first hit the net back in April 2006 with bsqlbf v1.1, then the v2.0 update in June 2008. […]
Acunetix Web Vulnerability Scanner (WVS) 6.5 Released
[ad] You may remember a while back we did a Review of Acunetix Web Vulnerability Scanner 6 – the very full featured web vulnerability scanning software. Well the latest version has been released recently with some updates, bug fixes and improvements on the web application security front. I’m hoping to try out the AcuSensor on […]
Pangolin – Automatic SQL Injection Tool
Pangolin is an automatic SQL injection penetration testing tool developed by NOSEC. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management […]
sqlsus 0.2 Released – MySQL Injection & Takeover Tool
[ad] sqlsus is an open source MySQL injection and takeover tool, written in perl. Via a command line interface that mimics a mysql console, you can retrieve the database structure, inject a SQL query, download files from the web server, upload and control a backdoor, and much more… It is designed to maximize the amount […]