Sistema de blogs Diarium
Universidad de Salamanca
Pablo Gallardo's Blog
My professional web log about IT, Cybersecurity & Project Management
 

List of SQL Injection Tools

List of SQL Injection Tools for computer:

  • SQL Project Injector
  • sqlmap
  • The Mole
  • jSQL injection
  • Sqlninja
  • DataThief
  • Marathon Tool
  • Tyrant SQL (https://sourceforge.net
  • SQL Invader (https://information.rapid7.com
  • SQL Brute (https://www.gdssecurity.com
  • fatcat-sql-injector (https://code.google.com
  • Absinthe (https://sourceforge.net
  • Blind SQL Injection Brute Forcing Tool (https://www.darknet.org.uk
  • safe3si (https://sourceforge.net
  • BBQSQL (https://github.com
  • ExploitMyUnion (https://sourceforge.net
  • ICFsqLi CRAWLER (https://sourceforge.net
  • Enema (https://code.google.com
  • Sqlsus (http://sqlsus.sourceforge.net
  • SQL Inject-Me (https://addons.mozilla.org
  • Darkjumper (https://sourceforge.net
  • SQLIer (https://bcable.net
  • sqlibf
  • sqlget

Among all of them, the most popular are SQL Project Injector, sqlmap, Mole, jSQL injection, SQL Ninja, DataThief, Marathon Tool.

List of SQL injection tools for mobile:

  • Andro Hackbar
  • DroidSQLi
  • sqlmapchik

 

List of SQL Injection Tools for computer

SQL Project Injector

http://www.sqlpowerinjector.com/

sqlmap

http://sqlmap.org/

Mole

https://sourceforge.net/projects/themole/

jSQL Injection

https://github.com/ron190/jsql-injection

Sqlninja

http://sqlninja.sourceforge.net

DataThief

https://securiteam.com/tools/5hp0w009po/

DataThief is a tool used to demonstrate to web administrators and developers how to steal data from a web application that is vulnerable to SQL Injection. Data Thief is designed to retrieve the data from a Microsoft SQL Server back-end behind a web application with a SQL Injection vulnerability.

Marathon Tool

https://archive.codeplex.com/?p=marathontool

Marathon Tool is used to perform time-based blind SQL injection attacks on the MySQL backend database.

Marathon Tool is a POC for using heavy queries to perform a Time-Based Blind SQL Injection attack. This tool is still a work in progress, but is right now in a very good alpha version. It can be used to extract information from web applications using Microsoft SQL Server, Microsoft Access, MySQL or Oracle Databases.

Tyrant SQL

https://sourceforge.net

SQL Invader

https://information.rapid7.com

SQL Brute

https://www.gdssecurity.com

fatcat-sql-injector

https://code.google.com

Absinthe

https://sourceforge.net

Blind SQL Injection Brute Forcing Tool

https://www.darknet.org.uk

safe3si

https://sourceforge.net

BBQSQL

https://github.com

ExploitMyUnion

https://sourceforge.net

ICFsqLi CRAWLER

https://sourceforge.net

Enema

https://code.google.com

Sqlsus

http://sqlsus.sourceforge.net

SQL Inject-Me

https://addons.mozilla.org

Darkjumper

https://sourceforge.net

SQLIer

https://bcable.net

sqlibf

https://sourceforge.net

sqlget

https://www.darknet.org.uk

 

 

List of SQL Injection Tools for mobile

Andro Hackbar

https://play.google.com

Andro Hackbar is a web penetration tool built for Android where you can perform SQL injection, XSS, and LFI flaws. This is a pentesting tool to test websites to know if it is unsecured or vulnerable from such attacks. This tool can be used to secure websites from attackers/hackers.

DroidSQLi

http://www.edgard.net

DroidSQLi is the automated MySQL injection tool for Android. It allows you to test MySQL-based web application against SQL injection attacks. It automatically selects the best technique to use and employs some simple filter-evasion methods. It supports time-based, blind, error-based, and normal injection.

sqlmapchik

https://github.com

sqlmapchik is a cross-platform sqlmap GUI for sqlmap tool. It is primarily aimed to be used on mobile devices.

 

You might be also interested in…

pmgallardo

About pmgallardo

I studied Computer Science at University of Salamanca. Since then, I have been working first as developer and then as SAP consutant. This blog is about problems I dealt when using computers, and more important, the solutions I found. Whenever I am on an issue and suddenlly I have a flash that leads me to a solution, I document my discoveries in a post.

, , , , , , , , , , , , , , , , , , , , ,

No comments yet.

Leave a Reply


*

Política de privacidad
Studii Salmantini. Campus de excelencia internacional