国外一些 SQL Injection 扫描工具列表

国外一些 SQL Injection 扫描工具列表

1人收藏此文章, 我要收藏发表于1年前(2012-04-28 08:47) , 已有285次阅读 ，共0个评论sqlmap ( http://sqlmap.sourceforge.net/ ) 非常不错的工具 神器 速度很快参数很详细
Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.
Partial support for: Microsoft Access, DB2, Informix, Sybase and Interbase.Safe3 SQL Injector ( http://sourceforge.net/projects/safe3si/files/ )
Full support: MySQL, Oracle, PostgreSQL, MSSQL, ACESS, DB2, Sybase, Sqlite.SQL Power Injector ( http://www.sqlpowerinjector.com/ )
Supports: Microsoft SQL Server, Oracle, MySQL, Sybase / Adaptive Server and DB2.Absinthe ( http://www.0×90.org/releases/absinthe/index.php )
Supports: Microsoft SQL Server, MSDE, Oracle, and Postgres.bsqlbf-v2 ( http://code.google.com/p/bsqlbf-v2/ )
Supports: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.Marathon Tool ( http://www.codeplex.com/marathontool )
Supports: MySQL, Oracle, Microsoft SQL Server and Microsoft Access.Havij ( http://itsecteam.com/en/projects.htm )国内有PRO版本的破解版 Hmily大牛破解的 不过我一个有正版的哥们说还是有一点小小的差异 不过嘛 破解版的做到这步已经灰常不错了 国外很多破解版都比不上。。。国人的骄傲吧
Supports: MySQL, Oracle, Microsoft SQL Server and Microsoft Access.pysqlin ( http://code.google.com/p/pysqlin/source/checkout )
Implemented: Oracle, MySQL and Microsoft SQL Server.BSQL Hacker ( http://labs.portcullis.co.uk/application/bsql-hacker/ )
Implemented: Oracle and Microsoft SQL Server.
Available experimental support for MySQL.WITOOL ( http://witool.sourceforge.net/ )
Implemented: Oracle and Microsoft SQL Server.Sqlninja ( http://sqlninja.sourceforge.net/ ) 只支持MSSQL 不过还不错 貌似要在配置文件里修改参数 很少用。。。。
Supports only Microsoft SQL Server.sqlus ( http://sqlsus.sourceforge.net/ )
Supports only MySQL.DarkMySQLi16.py ( http://vmw4r3.blogspot.com/ )
Supports only MySQL.mySQLenum ( http://sourceforge.net/projects/mysqlenum/ )
Supports only MySQL.PRIAMOS ( http://www.priamos-project.com/ )
Supports only Microsoft SQL Server.SFX-SQLi ( http://www.kachakil.com/ )
Supports only Microsoft SQL Server.DarkMySQL ( http://vmw4r3.blogspot.com/ )
Supports only MySQL.ProMSiD Premium ( http://forum.web-defence.ru/showpost.php?p=12402&postcount=15 )
Supports only MySQL.yInjector ( http://y-osirys.com/softwares/s-softwares/id10 )
Supports only MySQL.Bobcat SQL Injection Tool ( http://www.northern-monkee.co.uk/pub/bobcat.html )ExploitMyUnion ( http://sourceforge.net/projects/exploitmyunion/ )Laudanum ( http://sourceforge.net/projects/laudanum/ )Hexjector ( http://sourceforge.net/projects/hexjector/ )WebRaider ( http://code.google.com/p/webraider/ )
Supports only Microsoft SQL Server.
Designed to execute commands on the server (reverse shell).Pangolin ( http://www.nosec.org/2009/0920/74.html )
Pangolin distributed on a commercial basis, but is also available in a free version with limited functionality.
Implemented: Oracle, Microsoft SQL Server 2000/2005, Sybase, Access, Mysql, DB2 and Informix.Toolza 1.0 (SQL injection supported DB: Mysql, Mssql, Sybase, Postgresql, Access, Oracle, Firebird / Interbase): http://bug-track.ru/prog/toolza1.0.rarhttp://forum.web-defence.ru/showpost.php?p=12402&postcount=15