[ad] It not surprising SQL Injection and database hacking are getting more frequent as people ramp up perimeter security more often than not they forget about interior security, software application security and most of all database security. Of the 2007 total corporate IT budget, respondents said they have allocated 34 percent for database infrastructure and […]
database-security
sqlget v1.0.0 – Blind SQL Injection Tool in PERL
sqlget is a blind SQL injection tool developed in Perl, it lets you get databases schemas and tables rows. Using a single GET/POST you can access quietly the database structure and using a single GET/POST you can dump every table row to a csv-like file. Databases supported: IBM DB2 Microsoft SQL Server Oracle Postgres Mysql […]
OAPScan – Oracle Application Server Scanner
[ad] We got an e-mail a while back about this new and apparently simple Oracle Application Server scanner. It detects web pages, DADs (Database Access Descriptors) and test applications installed by default. It may be useful for system hardening and pen-test. You can download OAPScan here: OAPScan.tar.gz
Priamos Project – SQL Injector and Scanner
[ad] PRIAMOS is a powerful SQL Injector & Scanner You can search for SQL Injection vulnerabilities and inject vulnerable string to get all Database names, Tables and Column data with the injector module. You should only use PRIAMOS to test the security vulnerabilities of your own web applications (obviously). The first release of PRIAMOS contain […]
Oracle MEGA Patch Fixes 101 Security Bugs
[ad] Oracle in its very own style recently published a mega patch, it could be called the mother of all patches. Actually 101 bugs…the scary part is 45 can be exploited remotely. Oracle published the mother of all security patches containing 101 fixes for flaws in its database, application server, E-Business Suite and PeopleSoft and […]