Absinthe is a gui-based tool that automates the process of downloading the schema & contents of a database that is vulnerable to Blind SQL Injection. Absinthe does not aid in the discovery of SQL Injection holes. This tool will only speed up the process of data recovery. Features: Automated SQL Injection Supports MS SQL Server, […]
sql-injection
sqlninja 0.1.0alpha – MS-SQL Injection Tool
sqlninja is a little toy that has been coded during a couple of pen-tests done lately and it is aimed to exploit SQL Injection vulnerabilities on web applications that use Microsoft SQL Server as their back-end. It borrows some ideas from similar tools like bobcat, but it is more targeted in providing a remote shell […]
SQL Power Injector v1.1 Released
SQL Power Injector is a graphical application created in .Net 1.1 that helps the penetrating tester to inject SQL commands on a web page. For now it is SQL Server, Oracle and MySQL compliant, but it is possible to use it with any existing DBMS when using the inline injection (Normal Mode). Moreover this application […]
bsqlbf 1.1 – Blind SQL Injection Tool
bsqlbf is a tool for Blind SQL Injection attacks, a pretty nifty one too! The author says there are similar tools about, but he’s tried to combine all the techniques into one compact but complete tool. # CHANGELOG: # -get now support resume (with -start option) # -get to fetch files (thank you ilo AGAIN) […]