Selection of tools to automate an attack SQL Injection

Home / Hacking, News, Security / Selection of tools to automate an attack SQL Injection

February 14, 2010 PlanetCreator 0 Comments 0 tags

sqlmap (http://sqlmap.sourceforge.net/)
Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.
Partially supported: Microsoft Access, DB2, Informix, Sybase and Interbase.

SQL Power Injector (http://www.sqlpowerinjector.com/)
Implemented support for: Microsoft SQL Server, Oracle, MySQL, Sybase / Adaptive Server and DB2.

Absinthe (http://www.0x90.org/releases/absinthe/index.php)
Implemented support for: Microsoft SQL Server, MSDE, Oracle, and Postgres.

bsqlbf-v2 (http://code.google.com/p/bsqlbf-v2/)
Implemented support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.

pysqlin (http://code.google.com/p/pysqlin/source/checkout)
Implemented support: Oracle, MySQL and Microsoft SQL Server.

BSQL Hacker (http://labs.portcullis.co.uk/application/bsql-hacker/)
Implemented support: Oracle and Microsoft SQL Server.
Available experimental support for MySQL.

WITOOL (http://witool.sourceforge.net/)
Implemented support: Oracle and Microsoft SQL Server.

Sqlninja (http://sqlninja.sourceforge.net/)
Implemented support only Microsoft SQL Server.

sqlus (http://sqlsus.sourceforge.net/)
Implemented support only MySQL.

mySQLenum (http://sourceforge.net/projects/mysqlenum/)
Implemented support only MySQL.

Priamos (http://www.priamos-project.com/)
Implemented support only Microsoft SQL Server.

Pangolin (http://www.nosec.org/2009/0920/74.html)
Pangolin distributed on a commercial basis, but is also available in a free version with limited functionality.
Implemented support: Oracle, Microsoft SQL Server 2000/2005, Sybase, Access, Mysql, DB2 and Informix.

Explore More

Whats is NetBIOS?

NetBIOS (Network Basic Input/Output System) was originally developed by IBM and Sytek as an Application Programming Interface (API) for client software to access LAN resources. Since its creation, NetBIOS has

Facebook “CSRF” attack-Full Disclosure

How a Facebook App works Anyone can create an application (or app) that will run within the Facebook platform (and many do!). An app is like a regular website with

Critical SQL Injection in mail4U is a production of Bagan Cybertech

PlanetCreator has reported another critical SQL Injection (vulnerability) on mail4U is a production of Bagan Cybertech http://www.mail4u.com.mm/ SQL injection is a code injection technique that exploits a security vulnerability occurring

[webapps] ABB Cylon Aspect 3.08.01 - Remote Code Execution (RCE)
on April 2, 2025 at 12:00 am
ABB Cylon Aspect 3.08.01 - Remote Code Execution (RCE)
[webapps] Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS
on April 2, 2025 at 12:00 am
Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS
[webapps] ABB Cylon Aspect 3.08.01 - Arbitrary File Delete
on April 2, 2025 at 12:00 am
ABB Cylon Aspect 3.08.01 - Arbitrary File Delete
[remote] SAP NetWeaver - 7.53 - HTTP Request Smuggling
on April 2, 2025 at 12:00 am
SAP NetWeaver - 7.53 - HTTP Request Smuggling
[remote] ProSSHD 1.2 - Denial of Service (DOS)
on April 2, 2025 at 12:00 am
ProSSHD 1.2 - Denial of Service (DOS)