Security Basics mailing list archives
Re: Open Source database scanning tools
From: "Salvador III Manaois" <badzmanaois () gmail com>
Date: Fri, 14 Nov 2008 00:29:52 +0800
On Thu, Nov 13, 2008 at 6:44 PM, <jeld7 () yahoo fr> wrote:
I am presently assessing open source database scanning tools that are available and Can you please let me know the ones most used to scan multiple databases Oracle,SQL,DB2,etc
Hi, Off the top of my head, I could think of the following tools: THC-Hydra (http://freeworld.thc.org/thc-hydra) - can be ran to perform SQL/MySQL dictionary attack. Paros proxy (http://www.parosproxy.org/index.shtml) - can scan for SQL injection flaws Absinthe (http://www.0x90.org/releases/absinthe) - automates the process of downloading the schema & contents of a database that is vulnerable to Blind SQL Injection. SQLDict (http://ntsecurity.nu/cgi-bin/download/sqldict.exe.cgi) - dictionary attack tool against SQL Server Backtrack SQL Tools (http://www.remote-exploit.org/backtrack.html) - SQL Inject - SQL Scanner - SQLLibf - SQLbrute Regards, Salvador Manaois III MCSE MCSA C|EH MCITP | Enterprise/Server Admin Bytes & Badz : http://badzmanaois.blogspot.com
Current thread:
- Open Source database scanning tools jeld7 (Nov 13)
- Re: Open Source database scanning tools Salvador III Manaois (Nov 13)