Penetration Testing mailing list archives

Re: SQL Injection Tools

From: Christian Martorella <cmartorella () edge-security com>
Date: Mon, 30 Jun 2008 22:12:17 +0200

Hi Serg,  you can try these:

SQLiBF:  http://www.open-labs.org/sqlibf113b2.tar.gz

ProxyStrike: http://www.edge-security.com/proxystrike.php

The engine is both the same, and i think they are one of the bests


Kind regards,

Christian Martorella


On Jun 23, 2008, at 2:23 AM, Serg B wrote:

Hi All,

Can anybody suggest a relatively reliable SQL injection tool?  Either
Open Source or proprietary - required for business use.  So far, I've
been clobbering all sorts of weird SQL strings manually, would be nice
to minimize the repetitive keyboard labor.

So far, I am going through this list:
http://www.security-hacks.com/2007/05/18/top-15-free-sql-injection-scanners

If there is anything better out there, or if anybody thinks I should
concentrate on a particular tool from the list (link above), please
let me know.


Thanks,
  Serg

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes inSecuring Web Applications

Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

Current thread:

SQL Injection Tools Serg B (Jun 23)
- Re: SQL Injection Tools oh oh (Jun 23)
  - Re: SQL Injection Tools Marco Ivaldi (Jun 27)
- Re: SQL Injection Tools Rick Zhong (Jun 23)
- Re: SQL Injection Tools Jason Ross (Jun 23)
- Re: SQL Injection Tools Christian Martorella (Jun 30)