Search Results for "sql injection tool"

Technically, it is a third-party Nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset of simple (and readable) rules containing 99% of known patterns involved in website vulnerabilities. For example, <, | or drop are not supposed to be part of a URI. Being very simple, those patterns may match legitimate queries, it is Naxsi's administrator duty to add specific rules that will whitelist legitimate behaviors. The administrator can...

The FreeWAF provides specialized, layered application threat protection. It protects your web-based applications and internet-facing data from attack and data loss. Using advanced techniques to provide bidirectional protection against sophisticated threats like SQL injection and cross-site scripting, it helps you prevent identity theft, financial fraud and corporate espionage.

HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more.

hwk is an easy-to-use application used to attack and discover wireless networks. It's providing various modes such as authentication/deauthentication flood, beacon and probe response fuzzing.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

CookieMonster that demonstrates HTTP session hijacking attacks. It sniff your network interface and hijack all cookie. The hijacked cookies can be edit and/or injected in your Firefox. It include a arp poisoning tool.

mySQLenum is a command line automatic blind sql injection tool for web application that uses MySql server as its back-end. Its main goal is to provide an easy to use command line interface.

Black scalpel is an advanced graphical (Swing gui) security and analysis tool written in Java, C and Assembler (platform independent). Current stage is early alpha, many features are still missing. Use SVN!

SpaceMonkey is a Web application auditing tool. It can detect bugs or security flaws without using a knowledge database. It uses fault injection technics ('fuzzing') in order to reveal the flaws (SQL injection, XSS, File inclusion, command execution ).

Airpwn is a tool for generic packet injection on an 802.11 network.

EyeSpy is a is a PC/Windows based internet monitoring and visualization tool. It will scan and summarize all online activity, and display a realtime, interactive map showing the geographic location of all endpoints communicating online.

Libdejector is a database tool which defeats SQL injection attacks by performing context-free validation of queries. While written in C, SWIG wrappers exist for Python and other languages will be following soon.

nmap-sql is a feature-addition to the popular nmap security tool. It adds MysQL logging functionality directly to the nmap binary to assist large scale auditing and pen-testing with multiple scanners and subnets logging to a central database.