Search Results for "sql injection\" - Page 5

Automatic dump database & interactive sql shell tool dumps the current database structure including tables and columns and turns into an interactive mysql prompt with extra features. Written in Ruby.

...Section 1 consists of special web applications that are designed especially to teach the basics of Web Security. This seciton will cover XSS CSRF RFI & LFI BruteForce Authentication Directory/Path traversal Command execution SQL injection Section 2 is a collection of dileberately insecure Web applications. This section provides a legal platform to test your skills and to try and exploit the vulnerabilities and sharpen your skills before you pentest live sites. We would advice newbies to try and exploit these web applications. These applications provide real life environments and will boost their confidence.

An simple auction system for students with intermediate knowledge on jQuery, PHP, mySQL to explore. This system is not secure from SQL injection, as this is for educational purpose only.

...Often when responding to a security incident the only files available are web server and proxy server logs. The tools here will aid you in detecting odd traffic such as botnet beaconing and SQL Injection attempts. The large amount of data can be overwhelming and the tools in the Log Analysis Tool Kit can be used to parse these files and build a MySQL database for querying. Currently the log formats supported are: Proxy Logs: Squid Bluecoat Web Server Logs: Apache IIS Your feedback is always appreciated. ...

Safe3SI is one of the most powerful and easy usage penetration tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a AI detection engine. http://www.safe3.com.cn/en

Note: WE ARE UNABLE TO UPDATE THE SCANNER AT THIS MOMENT! Note: WE APPRECIATE YOUR CONTRIBUTION. Detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla! web site. We'll update it soon. The database update is currently maintained by web-center.si. Send your contributions, recommendations and bugs report to joomscan at yehg.net or creating a ticket at Trac here.

...Features: User Profiles PM System Admin / Mod Area Spam Protection Captcha & IP-Lock BBCode & Smileys RSS Feeds News-System Announcements User edit / block SHA1 encoding E-Mail verification SQL-Injection-Guard Admin-Notifications Contacts Statistics InfoBox Badword-Filter Counter User List Search MyPostings Moderators Password recovery / change Show Views / Posts in a Topic Protection against XSS

sqlsus is an open source (My)SQL injection tool, written in perl. It focuses on speed and efficiency, optimising the available injection space. It provides an easy to use interface with lots of neat features. For more information, please visit http://sqlsus.sf.net

SQL Blind Injection Tool with Performance Enhancements to Leverage Blind Exfiltration

Safe3WVS is one of the most powerful web vulnerability scanner with AI on-the-fly web spider crawling technology,especially web portals ,it is the most fast tool to dig such as sql injection, upload vulnerability, and more.http://www.safe3.com.cn/en

POP - Persistent Objects for PHP - is a library intended to make simple ORM for the main databases existent in the market - PostgreSQL, MS SQL, Oracle and MySQL. Complete OO and making use of PDO, it also secures your project against SQL Injection

Hexjector is an Opensource,Cross Platform PHP script to automate Site Pentest for SQL Injection Vulnerabilties.

Witchxtool is a perl script that consists of a port scanner, LFI scanner, MD5 bruteforcer, dork SQL injection scanner, proxy fresh scanner, yahoo pass checker

ExploitMyUnion is a tool written in Python with a PyQt user interface made to automate sql injection exploitation.

Classe de teste da string SQL montada com dados informados pelos internautas, tentando identificar possível ataques: 1 - leitura da base de dados de usuarios para quebra de senhas 2 - leitura de outras tabelas sigilosas, tal como emails.

InjectionDenied is a bash/gawk program that blocks PHP and SQL attacks by adding entries to /etc/hosts.deny (it works like DenyHosts with SSH). The daemon inform the admin about the new block host by mail.

mySQLenum is a command line automatic blind sql injection tool for web application that uses MySql server as its back-end. Its main goal is to provide an easy to use command line interface.

This product is no longer maintained: The author created alternative tools: https://databunker.org/ and https://privacybunker.io/ GreenSQL is a database firewall engine used to protect Open Source Databases from SQL injection attacks. It works in proxy mode. Application logic is based on evaluating of SQL commands using risk score factors, as well as blocking of sensitive commands

exploit.co.il Vulnerable Web app designed as a learning platform to test various SQL injection Techniques This is a fully functional web site with a content management system based on fckeditor. You can download it as source code or a pre configured

HexDorker is an Open-Source,Cross Platform PHP Script to search for websites by using Google Dork and Scan them for SQL Injection Vulnerablities.

A simple include to handle all communication between PHP and MySQL.

A web application penetration testing tool that can extract data from SQL Server, MySQL, DB2, Oracle, Sybase, Informix, and Postgres. Further, it can crawl a website as a vulnerability scanner looking for sql injection vulnerabilities.

Darkjumper.py Developed by : mywisdom & gunslinger_ This tool will try to find every website that host at the same server at your target Then check for every vulnerability of each website that host at the same server

PHPCentaur is a PHP5 driven exploit scanner for webservers. Scope of the project: -SQL exploits, Cros site scripting vulnerabilities, Remote code injection, Encoding vulnerabilities, Session based attacks. And more...

SpaceMonkey is a Web application auditing tool. It can detect bugs or security flaws without using a knowledge database. It uses fault injection technics ('fuzzing') in order to reveal the flaws (SQL injection, XSS, File inclusion, command execution ).