BSQL Hacker is an automated SQL Injection Framework / Tool designed to
exploit SQL injection vulnerabilities virtually in any database.
It ships with Automated Attack modules which allows to dump whole database:
* SQL Server
* ORACLE
* MySQL (experimental)
Attack Templates :
* MS Access
* MySQL
* ORACLE
* PostgreSQL
* MS SQL Server
Also you can write your own attack template for any other database as
well (see the manual for details). New attack templates and exploits
for specific web application can be shared via Exploit Repository.
BSQL Hacker aims for experienced users as well as beginners who want
to automate SQL Injections (especially Blind SQL Injections).
It supports :
* Blind SQL Injection (Boolean Injection)
* Full Blind SQL Injection (Time Based)
* Deep Blind SQL Injection (a new way to exploit BSQLIs, explained
in here : http://labs.portcullis.co.uk/application/deep-blind-sql-injection/)
* Error Based SQL Injection
It allows metasploit alike exploit repository to share and update
exploits and attack tempate.
Download, Screenshots, Source Code and More Information :
http://labs.portcullis.co.uk/application/bsql-hacker/
Injection Wizard Video:
http://www.vimeo.com/1536040?pg=embed&sec=1536040
--
Ferruh Mavituna
http://ferruh.mavituna.com
-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Received on Aug 21 2008
Intro
