Blind SQL Injection Tool : sqlmap
I stumbled upon yet another blind SQl injection tool called sqlmap written by Bernardo Damele and Daniele Bellucci. I didn’t have time to test it, but the tool’s description is quite ambitious :
sqlmap is an automatic blind SQL injection tool, developed in python, capable to perform an active database fingerprint, to enumerate entire remote database and much more. The aim of this project is to implement a fully functional database mapper tool which takes advantages of web application programming security flaws which lead to SQL injection vulnerabilities.
You can download sqlmap from it’s sourceforge homepage. By any chance, did you see it in action? What were the results ?
If you enjoyed this post, make sure you subscribe to my RSS feed!
Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback.
Post Info
This entry was posted on Monday, February 19th, 2007 and is filed under Sql Injection, Tools.You can follow any responses to this entry through the Comments Feed. You can Leave A Comment, or A Trackback.
Previous Post: Now You Can Do Anti-Virus Audit with Nessus »
Next Post: Drive-By Pharming - Let me fine tune your DNS entries »
Read More
Related Reading:- Gemalto - Security To Be Free
- Free alternative to ArcSight ESM ? Hardly..
- Privacy Dilemma: How to Protect Yourself Online
- Solera Networks Deep-Packet Capture Review
- WordPress Exploit Scanner
- Phishing Exposed, Brands Secured
- Scanners: New Nessus Release; New eEye Web Scanner
- Good News from ArcSight and Imperva
- CCTV Security Camera and Surveillance Equipment
- OpenDNS Offers Free Web Content Filtering
