Jimmy Posted September 2, 2011 Report Share Posted September 2, 2011 (edited) sqlmap ( sqlmap: automatic SQL injection and database takeover tool )Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.Partial support for: Microsoft Access, DB2, Informix, Sybase and Interbase.Safe3 SQL Injector ( safe3 sql injector - Browse Files at SourceForge.net )Full support: MySQL, Oracle, PostgreSQL, MSSQL, ACESS, DB2, Sybase, Sqlite.SQL Power Injector ( SQL Power Injector Product Information )Supports: Microsoft SQL Server, Oracle, MySQL, Sybase / Adaptive Server and DB2.Absinthe ( 0x90.org // [Absinthe :: Automated Blind SQL Injection] // ver1.3.1 )Supports: Microsoft SQL Server, MSDE, Oracle, and Postgres.bsqlbf-v2 ( bsqlbf-v2 - Blind Sql Injection Brute Forcer version 2 - Google Project Hosting )Supports: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.Marathon Tool ( Marathon Tool )Supports: MySQL, Oracle, Microsoft SQL Server and Microsoft Access.Havij ( ITSecTeam: Projects )Supports: MySQL, Oracle, Microsoft SQL Server and Microsoft Access.pysqlin ( Source Checkout - pysqlin - SQL injection tool - Google Project Hosting )Implemented: Oracle, MySQL and Microsoft SQL Server.BSQL Hacker ( BSQL Hacker - Portcullis Labs )Implemented: Oracle and Microsoft SQL Server.Available experimental support for MySQL.WITOOL ( WITOOL ( Web sql injection tool ) )Implemented: Oracle and Microsoft SQL Server.Sqlninja ( sqlninja - a SQL Server injection & takeover tool )Supports only Microsoft SQL Server.sqlus ( sqlsus : (My)SQL injection tool )Supports only MySQL.DarkMySQLi16.py ( Insecurity )Supports only MySQL.mySQLenum ( mySQLenum | Download mySQLenum software for free at SourceForge.net )Supports only MySQL.SFX-SQLi ( WWW.KACHAKIL.COM )Supports only Microsoft SQL Server.DarkMySQL ( Insecurity )Supports only MySQL.yInjector ( yInjector - SQL Inj Penetration Tool )Supports only MySQL.Bobcat SQL Injection Tool ( Bobcat SQL Injection Tool )ExploitMyUnion ( ExploitMyUnion | Download ExploitMyUnion software for free at SourceForge.net )Laudanum ( Laudanum | Download Laudanum software for free at SourceForge.net )Hexjector ( Hexjector | Download Hexjector software for free at SourceForge.net )WebRaider ( webraider - WebRaider - Google Project Hosting )Supports only Microsoft SQL Server.Designed to execute commands on the server (reverse shell).Pangolin ( Pangolin - Amazing SQL Injection World_ )Pangolin distributed on a commercial basis, but is also available in a free version with limited functionality.Implemented: Oracle, Microsoft SQL Server 2000/2005, Sybase, Access, Mysql, DB2 and Informix. Edited September 2, 2011 by Jimmy 1 Quote Link to comment Share on other sites More sharing options...
totti93 Posted September 2, 2011 Report Share Posted September 2, 2011 Script kiddies will be happy ... Oricum si eu folosesc tool-uri pentru Blind SQLi, ca manual apuc Craciunul Quote Link to comment Share on other sites More sharing options...
orion.hacker Posted September 6, 2011 Report Share Posted September 6, 2011 SQLMAP...manual..doar cand am chef:)) Quote Link to comment Share on other sites More sharing options...
maG1c Posted September 6, 2011 Report Share Posted September 6, 2011 Ce tool e mai bun pentru blind sql injection ? ca manual ma bate rau. Quote Link to comment Share on other sites More sharing options...