
What is the Resource Catalog?

The OpenFoundry Resource Catalog lists professional resources and applications related to the development of open source software. If you have any recommendation for a listing or category, or find a bug in this resource catalog, please do not hesitate to contact us.

Web Vulnerability Scanner

A web vulnerability scanner is a computer program designed to assess web applications for weaknesses. There are a number of types of web vulnerability scanners available today, distinguished from one another by a focus on particular targets.

Listings


Automagic SQL Injector

The Automagic SQL Injector is part of the Sec-1 Exploit Arsenal provided as part of the Applied Hacking & Intrusion Prevention training courses. In a nutshell it's an automated SQL injection tool designed to help save time on pen tests. It is only designed to work with vanilla Microsoft SQL injection holes where errors are returned. The following features are currently supported: Browse tables and dump table data to a CSV file (2 methods), Upload files using debug script method, Automagical UDP reverse shell, Interactive xp_cmdshell (simulated cmd.exe shell).

This project plans to add other features such as a brute force account cracker and a module to search for other SQL servers using OPENROWSET(). For a demonstration please visit https://scoobygang.org/magicsql/. This tool is written for ActivePerl (Windows) and doesn't work too well on *nix.

SQLNinja

Fancy going from a SQL Injection on Microsoft SQL Server to full GUI access on the DB? Take a few SQL Injection tricks, add a couple of remote shots in the registry to disable Data Execution Prevention, mix with a little Perl that automatically generates a debug script, put all this in a shaker with a Metasploit wrapper, shake well and you have just one of the attack modules of sqlninja! Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide remote access to the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB server when a SQL Injection vulnerability has been discovered. Have a look at the flash demo and then feel free to download it.

It is released under the GPLv2 and it has been featured on SecurityHack's Top 15 Free SQL Injection Scanners, which is a good result for something that started as a small script written on-the-fly during a pen-test.

Blind SQL Injection Perl Tool

Bsqlbf is a Perl script that lets auditors retrieve information from web sites that are vulnerable to SQL Injection. When an attacker executes SQL Injection attacks, sometimes the server responds with error messages from the database server complaining that the SQL query's syntax is incorrect. Blind SQL injection is identical to normal SQL Injection except that when an attacker attempts to exploit an application, rather than getting a useful error message, they get a generic page specified by the developer instead. This makes exploiting a potential SQL Injection attack more difficult but not impossible. An attacker can still steal data by asking a series of True and False questions through SQL statements.

Sqid

Sqid (SQL injection digger) is written in Ruby. It is a command line program that looks for SQL injections and common errors in web sites. It also supports: loading multiple triggers from a file; loading multiple signature databases from files; HTTPS; HTTP proxy with authentication; Basic authentication; specifying the user agent; specifying the referer; loading HTTP cookies from the command line or a file. Sqid is extensible by adding more signatures to its database (sqid.db). The signatures simply use regular expressions. Sqid is now licensed under GPL v2.

Absinthe

The C# source code for Absinthe is available under the GPLv2. Certain portions of the source are also available under a BSD-style license in the documentation section. As of Absinthe 1.4.1, there is a bug reporting feature that communicates with a web application on 0x90.org. Use of this is voluntary, and you have full access to modify any data before it is sent. It's highly advised to look through these reports to remove any trace of the URL you are testing. Windows, Linux and Mac OS versions are available.

BobCat

Bobcat is a tool to aid a security consultant in taking full advantage of SQL injection vulnerabilities. It was originally created to build and extend upon the capabilities of a tool named "Data Thief". Bobcat has numerous features that will aid in the compromise of a vulnerable application and help exploit the RDBMS, such as listing linked servers and database schemas, dumping data, brute forcing of accounts, elevation of privileges, execution of operating system commands, etc. Someone had his/her laptop stolen on a recent trip, thanks British Airways (!?@£"!#). So this project is currently being re-written from scratch, yet again!

SQL Injection Brute-forcer

SQL Injection Brute-forcer is a tool for automating the work of detecting and exploiting SQL Injection vulnerabilities. SQLibf can work with Visible and Blind SQL Injection. It works by performing simple logical SQL operations to determine the exposure level of the vulnerable application. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. It is hosted by the Open Labs Web Application Security site.

Sqlbftools

Currently, tools such as Data Thief or Absinthe are used to get SQL data from a blind (Microsoft) SQL injection. The problem with MySQL is the difficulty of getting the database structure. In MySQL there is no objects database or the like, so it's not possible to create a stored procedure to walk through a database catalog as these programs do with other database managers. The approach explained here is from a web service viewpoint, that is, from a web service vulnerable to SQL injection.

SQLIer

SQLIer takes an SQL Injection vulnerable URL and attempts to determine all the necessary information to build and exploit an SQL Injection hole by itself, requiring no user interaction at all (unless it can't guess the table/field names correctly). By doing so, SQLIer can build a UNION SELECT query designed to brute force passwords out of the database. This script also does not use quotes in the exploit to operate, meaning it will work for a wider range of sites. An 8 character password (containing any character from decimal ASCII code 1-127) takes approximately 1 minute to crack.

SQLmap

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via a Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.

Fimap

fimap is a little Python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in web apps. fimap should be something like sqlmap, just for LFI/RFI bugs instead of SQL injection. It's currently under heavy development but it's usable. The goal of fimap is to improve the quality and security of your website. Do not use this tool on servers where you don't have permission to pentest!

Wapiti

Wapiti is a vulnerability scanner for web applications. It currently searches for vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, LDAP injections, CRLF injections... It uses the Python programming language. Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but scans the web pages of the deployed web app, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.