Sqlmap - Automatic SQL injection and database takeover tool

  •        0

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

It has full support for six SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query, stacked queries and out-of-band.

http://sqlmap.org/

Tags
Implementation
License
Platform

   




Related Projects

OpenVAS - Vulnerability Scanner and Manager


OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. It is designed to search for networked devices and computers, discover accessible ports and services, and to test for vulnerabilities on any such ports; plugins allow for further expansion.

OWASP Joomla Vulnerability Scanner Project


Detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla! web site. A regularly-updated signature-based scanner that can detect file inclusion, sql injection, command execution, XSS, DOS, directory traversal vulnerabilities of a target Joomla! web site. It Searches known vulnerabilities of Joomla! and its components, Web application firewall detection and lot more.

WebVulScan - Web Application Vulnerability Scanner


WebVulScan is a web application vulnerability scanner. It is a web application itself written in PHP and can be used to test remote, or local, web applications for security vulnerabilities. As a scan is running, details of the scan are dynamically updated to the user. These details include the status of the scan, the number of URLs found on the web application, the number of vulnerabilities found and details of the vulnerabilities found.

IronWASP - Iron Web application Advanced Security testing Platform


IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. Though an advanced user with Python/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool's features are simple enough to be used by absolute beginners.

w3af - Web Application Attack and Audit Framework


w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities. It can find Cross site scripting, SQL Injection and lot more. The framework implements web and proxy servers which are easy to integrate into your code in order to identify and exploit vulnerabilities.

SQLSentinel


OpenSource tool for sql injection security testing

GameOver


Training and educating about the web security

CakePHP - Rapid Development PHP framework


CakePHP makes building web applications simpler, faster and require less code. Its features include Database support, Application scaffolding, MVC architecture, Built-in validation, Data Sanitization, Flexible Caching, Localization, SQL injection prevention, Form tampering protection, Authentication and lot more.

brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications


A static analysis security vulnerability scanner for Ruby on Rails applications

TestLink - web based Test Management tool


TestLink is a web based Test Management tool. The application provides Test specification, Test plans and execution, Reporting, Requirements specification and collaborate with well-known bug trackers.