sql injection Archives • Penetration Testing

What is Naxsi? NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third party nginx module, available as a package for many UNIX-like platforms. This module, by…

Web Exploitation

hasherbasher: SQL injection via bruteforced MD5 hash reflection of random strings

do son February 11, 2019 No Comments hasherbasher sql injection SQL injection brute forced MD5 hash

hasherbasher This is a tool used to help exploit poorly designed authentication systems by locating ASCII strings that when MD5 hashed, result in raw bytes…

Web Vulnerability Analysis WebApp PenTest

sqliv: massive SQL injection vulnerability scanner

do son August 27, 2017 No Comments sql injection sqliv

SQLiv Massive SQL injection vulnerability scanner Features multiple domain scanning with SQL injection dork targetted scanning by providing specific domain (with crawling) reverse domain scanning…

Web Vulnerability Analysis WebApp PenTest

Vulny-Code-Static-Analysis: detect vulnerabilities into a PHP source code

do son August 7, 2017 No Comments Cross-Site Scripting Header injection LDAP injection local file inclusion Remote Commands Execution sql injection sqli URL redirection Xpath injection

PHP_Code_Static_Analysis A basic script to detect vulnerabilities into a PHP source code Currently detecting : SQL injection Local File Inclusion Insecure emails Cross Site Scripting…

Programming Web Vulnerability Analysis

safesql: tatic analysis tool for Go that protects against SQL injections

do son March 22, 2018 No Comments safesql sql injection

SafeSQL is a static analysis tool for Go that protects against SQL injections. How does it work? SafeSQL uses the static analysis utilities in go/tools to search…

Web Information Gathering Web Vulnerability Analysis WebApp PenTest

RED HAWK: All in one tool for Information Gathering, Vulnerability Scanning and Crawling

do son June 12, 2017 No Comments blind sqli sql injection sqli vulnerability scanning

RED HAWK All in one tool for Information Gathering and Vulnerability Scanning Scans That You Can Perform Using RED HAWK : Basic Scan Site Title NEW IP Address Web…

Web Exploitation Web Vulnerability Analysis WebApp PenTest

python gdork sqli: Automatically Finding and Exploiting SQL injection

do son May 19, 2017 No Comments sql injection sqli

Find SQL injections This python script is developed to show, how many vulnerable websites, which are laying around on the web. The main focus of…

Web Exploitation WebApp PenTest

Using sqlmap with Google Dork for exploiting sql injection

do son December 13, 2016 No Comments google dork mysql Pentesting sql injection sqlmap Vulnerability web app

Introduction sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database…

Web Vulnerability Analysis WebApp PenTest

Damn Web Scanner: web vulnerabilities scanner

do son August 7, 2017 No Comments Cross-Site Scripting local file inclusion Remote Commands Execution sql injection

Damn Web Scanner Another web vulnerabilities scanner, this extension works on Chrome and Opera. The extension is working in the background and will notify you…

Web Exploitation WebApp PenTest

sqli-hunter: simple sqlmap api wrapper and proxy server

do son January 13, 2018 No Comments sql injection SQLi-Hunter sqlmap

SQLi-Hunter SQLi-Hunter is a simple HTTP proxy server and a sqlmap api wrapper that makes dig SQLi easily. Installation Requirement Ruby: > 2.0.0 sqlmap Install…

Penetration Testing

Tag: sql injection

NAXSI: open-source, high performance, low rules maintenance WAF for NGINX

hasherbasher: SQL injection via bruteforced MD5 hash reflection of random strings

sqliv: massive SQL injection vulnerability scanner

Vulny-Code-Static-Analysis: detect vulnerabilities into a PHP source code

safesql: tatic analysis tool for Go that protects against SQL injections

RED HAWK: All in one tool for Information Gathering, Vulnerability Scanning and Crawling

python gdork sqli: Automatically Finding and Exploiting SQL injection

Using sqlmap with Google Dork for exploiting sql injection

Damn Web Scanner: web vulnerabilities scanner

sqli-hunter: simple sqlmap api wrapper and proxy server