Wednesday, August 01, 2012

SQL Inject Me -SQL Injection Tool to test the Vulnerability for Pen Testers

So far i have written what is sql Injection, How to prevent SQL Injection? .  In this post, i am going to introduce a new SQLi tool for Pen Testers and Webmasters.
The tool name is SQL Inject Me.

What is SQL Inject Me?

SQL Inject Me is Mozilla addon that is used to test the SQL Injection Vulnerability of Web Application.  It reduces the workload of Manual SQL Injection Test.  This is especially designed for Pen Testers and Web Masters not for hackers.

Download it From here:

How it works?

The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an SQL Injection attack.

The tool works by sending database escape strings through the form fields. It then looks for database error messages that are output into the rendered HTML of the page.

The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool.

0 on: "SQL Inject Me -SQL Injection Tool to test the Vulnerability for Pen Testers"