Selection of tools to automate an attack SQL Injection

Home / Hacking, News, Security / Selection of tools to automate an attack SQL Injection

February 14, 2010 PlanetCreator 0 Comments 0 tags

sqlmap (http://sqlmap.sourceforge.net/)
Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.
Partially supported: Microsoft Access, DB2, Informix, Sybase and Interbase.

SQL Power Injector (http://www.sqlpowerinjector.com/)
Implemented support for: Microsoft SQL Server, Oracle, MySQL, Sybase / Adaptive Server and DB2.

Absinthe (http://www.0x90.org/releases/absinthe/index.php)
Implemented support for: Microsoft SQL Server, MSDE, Oracle, and Postgres.

bsqlbf-v2 (http://code.google.com/p/bsqlbf-v2/)
Implemented support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.

pysqlin (http://code.google.com/p/pysqlin/source/checkout)
Implemented support: Oracle, MySQL and Microsoft SQL Server.

BSQL Hacker (http://labs.portcullis.co.uk/application/bsql-hacker/)
Implemented support: Oracle and Microsoft SQL Server.
Available experimental support for MySQL.

WITOOL (http://witool.sourceforge.net/)
Implemented support: Oracle and Microsoft SQL Server.

Sqlninja (http://sqlninja.sourceforge.net/)
Implemented support only Microsoft SQL Server.

sqlus (http://sqlsus.sourceforge.net/)
Implemented support only MySQL.

mySQLenum (http://sourceforge.net/projects/mysqlenum/)
Implemented support only MySQL.

Priamos (http://www.priamos-project.com/)
Implemented support only Microsoft SQL Server.

Pangolin (http://www.nosec.org/2009/0920/74.html)
Pangolin distributed on a commercial basis, but is also available in a free version with limited functionality.
Implemented support: Oracle, Microsoft SQL Server 2000/2005, Sybase, Access, Mysql, DB2 and Informix.

Explore More

Introduction on benchmarking attacks

Affected operating systems: ————————— Windows XP Pro Windows 2003 Windows Vista Windows 2008 (all service packs…) And probably some UNIX/Linux systems with some variants… Look by yourself. ================================================== ================================================== Abstract:

IP spoofing

IP spoofing is about the most advanced attack that can be executed on a computer system. IP spoofing, if done correctly, is one of the smoothest and hardest attacks on

SpiderLabs Defacetool

DefaceTool is an open-source Java Server Faces(JSF)testing tool for decoding view state and creating view state attack vectors. The tool can be used to create XSS attacks and session and

[local] glibc 2.38 - Buffer Overflow
on February 11, 2026 at 12:00 am
glibc 2.38 - Buffer Overflow
[remote] Windows 10.0.17763.7009 - spoofing vulnerability
on February 11, 2026 at 12:00 am
Windows 10.0.17763.7009 - spoofing vulnerability
[webapps] motionEye 0.43.1b4 - RCE
on February 11, 2026 at 12:00 am
motionEye 0.43.1b4 - RCE
[webapps] FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution
on February 4, 2026 at 12:00 am
FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution
[local] Docker Desktop 4.44.3 - Unauthenticated API Exposure
on February 4, 2026 at 12:00 am
Docker Desktop 4.44.3 - Unauthenticated API Exposure