Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: SQL Injection Tools

Re: SQL Injection Tools

From: Jason Ross <algorythm_at_gmail.com>
Date: Mon, 23 Jun 2008 13:18:51 -0400

On Sun, Jun 22, 2008 at 8:23 PM, Serg B <sergeslists_at_gmail.com> wrote:
> Hi All,
>
> Can anybody suggest a relatively reliable SQL injection tool? Either
> Open Source or proprietary - required for business use. So far, I've
> been clobbering all sorts of weird SQL strings manually, would be nice
> to minimize the repetitive keyboard labor.

You don't mention what DBMS is on the backend, which may make a
difference in the choice of tools.
In general however, I find Absinthe rocks, and it offers some very
nice features for business use (eg. the ability to place a custom
string in every transaction, useful to verify whether the database
dying in the middle of your testing was related to something you did
or not... etc.) 

--
jason
-------------------------------------------------------------------------
Sponsored by: Watchfire 
Methodologies & Tools for Web Application Security Assessment 
With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! 
https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Received on Jun 24 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]