Selection of tools to automate an attack SQL Injection
2010-01-28 10:29:24 作者:root 来源: 浏览次数:0 网友评论 0 条
http://devteev.blogspot.com/2010/01/sql-injection.html
sqlmap (http://sqlmap.sourceforge.net/)
Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.
Partially supported: Microsoft Access, DB2, Informix, Sybase and Interbase.
SQL Power Injector (http://www.sqlpowerinjector.com/)
Implemented support for: Microsoft SQL Server, Oracle, MySQL, Sybase / Adaptive Server and DB2.
Absinthe (http://www.0x90.org/releases/absinthe/index.php)
Implemented support for: Microsoft SQL Server, MSDE, Oracle, and Postgres.
bsqlbf-v2 (http://code.google.com/p/bsqlbf-v2/)
Implemented support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.
pysqlin (http://code.google.com/p/pysqlin/source/checkout)
Implemented support: Oracle, MySQL and Microsoft SQL Server.
BSQL Hacker (http://labs.portcullis.co.uk/application/bsql-hacker/)
Implemented support: Oracle and Microsoft SQL Server.
Available experimental support for MySQL.
WITOOL (http://witool.sourceforge.net/)
Implemented support: Oracle and Microsoft SQL Server.
Sqlninja (http://sqlninja.sourceforge.net/)
Implemented support only Microsoft SQL Server.
sqlus (http://sqlsus.sourceforge.net/)
Implemented support only MySQL.
mySQLenum (http://sourceforge.net/projects/mysqlenum/)
Implemented support only MySQL.
Pangolin (http://www.nosec.org/2009/0920/74.html)
Pangolin distributed on a commercial basis, but is also available in a free version with limited functionality.
Implemented support: Oracle, Microsoft SQL Server 2000/2005, Sybase, Access, Mysql, DB2 and Informix.
已有
