Security Basics mailing list archives

Re: Test for SQL Injection

From: "Nikhil Wagholikar" <visitnikhil () gmail com>
Date: Mon, 27 Oct 2008 23:24:20 +0530

Hello Michael Condon,

A simple Google search can fetch you lot of SQL Injection
vulnerability scanners. Following link is about 'Top 15 free SQL
Injection Scanners'

Link: http://www.security-hacks.com/2007/05/18/top-15-free-sql-injection-scanners

Besides this, one can also consider Acunetix, Watchfire's Appscan
Nikto/Wikto and Paros for detecting SQL Injection in any web
application.

---
Nikhil Wagholikar
Practice Lead | Security Assessment & Digital Forensics
NII Consulting
Web: http://www.niiconsulting.com/
Security Products: http://www.niiconsulting.com/products.html


On Mon, Oct 27, 2008 at 12:29 AM, Michael Condon
<admin () singulartechnologysolutions com> wrote:

What are some open source utilities I can use to test a web page for SQL
Injection vulnerability (MySQL), and what coding practices can be
implemented to prevent the exploit?

Current thread:

Web Application Scanners Marc-André Laverdière (Oct 23)
- Re: Web Application Scanners Franck Vervial (Oct 24)
  - Re: Web Application Scanners Michael Condon (Oct 24)
    - Re: Web Application Scanners Marc-André Laverdière (Oct 29)
    - Re: Web Application Scanners p4ssion (Oct 29)
- RE: Web Application Scanners degracia.carron.joseangel () servexternos repsolypf com (Oct 24)
- Re: Web Application Scanners Sebastián Bortnik (Oct 24)
  - Test for SQL Injection Michael Condon (Oct 27)
    - Re: Test for SQL Injection Adriel Desautels (Oct 27)
    - Re: Test for SQL Injection Nikhil Wagholikar (Oct 27)
    - RE: Test for SQL Injection David Crandell (Oct 27)
    - Re: Test for SQL Injection Yuli Stremovsky (Oct 28)