[ad] We’ve been folowing the development of sqlninja since the early days, it’s growing into a well matured and more polished tool with advanced features. Sqlninja is a tool written in PERL to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide […]
sql-injection
New Botnet Malware Spreading SQL Injection Attack Tool
[ad] Now this is an interesting turn of events, the Asprox botnet malware is being used to spread SQL Injection tools rather than sending out phishing e-mails as before. It seems to install quite stealthily as well disguising itself as a Windows Service with a fairly convincing file name. It’s certainly interesting to see the […]
sqlninja 0.2.2 Released for Download – SQL Injection Tool
[ad] Sqlninja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process […]
ProxyStrike – Active Web Application Proxy
[ad] ProxyStrike is an active Web Application Proxy, is a tool designed to find vulnerabilities while browsing an application. It was created because the problems faced in the pentests of web applications that depends heavily on Javascript, not many web scanners did it good in this stage, so ProxyStrike was born. Right now it has […]
SecurityCompass Exploit-Me – Firefox Web Application Testing Tools
[ad] Exploit-Me is a suite of Firefox web application security testing tools. Exploit-Me tools are designed to be lightweight and easy to use. Instead of using a proxy like many web application testing tools, Exploit-Me integrates directly with Firefox. It currently consists of two tools, one for XSS and one for SQL Injection. The Exploit-Me […]