Selection of tools to automate an attack SQL Injection

Home / Hacking, News, Security / Selection of tools to automate an attack SQL Injection

February 14, 2010 PlanetCreator 0 Comments 0 tags

sqlmap (http://sqlmap.sourceforge.net/)
Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.
Partially supported: Microsoft Access, DB2, Informix, Sybase and Interbase.

SQL Power Injector (http://www.sqlpowerinjector.com/)
Implemented support for: Microsoft SQL Server, Oracle, MySQL, Sybase / Adaptive Server and DB2.

Absinthe (http://www.0x90.org/releases/absinthe/index.php)
Implemented support for: Microsoft SQL Server, MSDE, Oracle, and Postgres.

bsqlbf-v2 (http://code.google.com/p/bsqlbf-v2/)
Implemented support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.

pysqlin (http://code.google.com/p/pysqlin/source/checkout)
Implemented support: Oracle, MySQL and Microsoft SQL Server.

BSQL Hacker (http://labs.portcullis.co.uk/application/bsql-hacker/)
Implemented support: Oracle and Microsoft SQL Server.
Available experimental support for MySQL.

WITOOL (http://witool.sourceforge.net/)
Implemented support: Oracle and Microsoft SQL Server.

Sqlninja (http://sqlninja.sourceforge.net/)
Implemented support only Microsoft SQL Server.

sqlus (http://sqlsus.sourceforge.net/)
Implemented support only MySQL.

mySQLenum (http://sourceforge.net/projects/mysqlenum/)
Implemented support only MySQL.

Priamos (http://www.priamos-project.com/)
Implemented support only Microsoft SQL Server.

Pangolin (http://www.nosec.org/2009/0920/74.html)
Pangolin distributed on a commercial basis, but is also available in a free version with limited functionality.
Implemented support: Oracle, Microsoft SQL Server 2000/2005, Sybase, Access, Mysql, DB2 and Informix.

Explore More

LFI/RFI testing and exploiting with fimap

fimap is currently under development but still usable. Feel free to test it! This document and tool is not recommend for people who doesn’t know what LFI/RFI is. If you

Malaysia Government DBKL Web Vulnerability (2nd)

PlanetCreator has reported Critical XSS vulnerability on Official Portal of Kuala Lumpur, Malaysia Web Site, http://www.planetcreator.net/2009/09/criti…aysia-web-site/ and http://www.xssed.com/mirror/64058/ but nobody takes action ~~~ How come? Hello, DBKLâ€™s Staffs! Are you

Anonymous Myanmar Hacker Attacks Blink Hacker Group

This is a bit MM Hackers Complication. 🙂 Today, we got a new email from Anonymous Myanmar Hacker who is (are) attacking to Blink Hacker Group. You can check complete

[local] Realtek rtl819x - Local Privilege
on May 27, 2026 at 12:00 am
Realtek rtl819x - Local Privilege
[webapps] Casdoor 3.54.1 - Arbitrary File Write via Path Traversal
on May 27, 2026 at 12:00 am
Casdoor 3.54.1 - Arbitrary File Write via Path Traversal
[webapps] OpenCATS 0.9.7.4 - SQL Injection
on May 27, 2026 at 12:00 am
OpenCATS 0.9.7.4 - SQL Injection
[hardware] MeiG Smart FORGE_SLT711 - OS Command Injection
on May 27, 2026 at 12:00 am
MeiG Smart FORGE_SLT711 - OS Command Injection
[webapps] scramble - Remote Code Execution
on May 27, 2026 at 12:00 am
scramble - Remote Code Execution