Outils d'utilisateurs

Outils du Site


des_ressources_et_outils_pour_les_injections_sql

FIXME Le PAD pour proposer une amélioration à cette page : https://pad.zenk-security.com/p/merci

Une liste d'outils pour exploiter les Injections SQL :

SQLi scanner en ligne avec version gratuite

🛠 https://pentest-tools.com/website-vulnerability-scanning/sql-injection-scanner-online#

Les outils 🛠 An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap. https://github.com/sheldoncoupeheure/AutoSQLi

🛠 Have fun injecting SQL into a Ruby on Rails application! https://github.com/presidentbeef/inject-some-sql

🛠 0xbug/SQLiScanner Automatic SQL injection with Charles and sqlmap api https://github.com/0xbug/SQLiScanner

🛠 massive SQL injection vulnerability scanner https://github.com/the-robot/sqliv

🛠 SQLMap — Automatic SQL Injection And Database Takeover Tool https://github.com/sqlmapproject/sqlmap free sqlmap online : https://pentest-tools.com/exploit-helpers/sqli-exploit-tool-sqlmap-online#

🛠 SQLSus is another open source SQL injection tool and is basically a MySQL injection and takeover tool http://sqlsus.sourceforge.net/

sqli-mass-scanner massive SQL injection vulnerability scanner https://github.com/forxml/sqli-mass-scanner

🛠 Safe3 SQL injector is another powerful but easy to use SQL injection tool. http://sourceforge.net/projects/safe3si/

🛠 SQLninja is a SQL injection tool that exploits web applications that use a SQL server as a database server. http://sqlninja.sourceforge.net/

🛠 BSQL hacker is a nice SQL injection tool that helps you perform a SQL injection attack against web applications. https://resources.infosecinstitute.com/best-free-and-open-source-sql-injection-tools/#download

🛠 PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server https://github.com/NetSPI/PowerUpSQL

🛠 jSQL Injection — Java Tool For Automatic SQL Database Injection https://github.com/ron190/jsql-injection

🛠 BBQSQL — A Blind SQL-Injection Exploitation Tool https://github.com/Neohapsis/bbqsql

🛠 NoSQLMap — Automated NoSQL Database Pwnage https://github.com/codingo/NoSQLMap

🛠 Whitewidow — SQL Vulnerability Scanner https://www.kitploit.com/2017/05/whitewidow-sql-vulnerability-scanner.html

🛠 DSSS — Damn Small SQLi Scanner https://github.com/stamparm/DSSS

🛠 explo — Human And Machine Readable Web Vulnerability Testing Format https://github.com/dtag-dev-sec/explo

🛠 Blind-Sql-Bitshifting — Blind SQL-Injection via Bitshifting https://github.com/awnumar/blind-sql-bitshifting

🛠 Leviathan — Wide Range Mass Audit Toolkit https://github.com/leviathan-framework/leviathan

🛠 Blisqy — Exploit Time-based blind-SQL-injection in HTTP-Headers (MySQL/MariaDB) https://github.com/JohnTroony/Blisqy

Des ressources et outils pour les injections SQL

SQLi General Resources

http://www.w3schools.com/sql/sql_injection.asp

http://sqlzoo.net/hack/

https://information.rapid7.com/rs/rapid7/images/R7%20SQL_Injection_Cheat_Sheet.v1.pdf

http://websec.ca/kb/sql_injection

http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/

http://www.unixwiz.net/techtips/sql-injection.html

http://www.sqlinjectionwiki.com/

https://packetstorm.sigterm.no/papers/cheatsheets/sqlmap-cheatsheet-1.0-SDB.pdf

https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet

http://bobby-tables.com/

MySQLi Resources

http://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet

https://websec.wordpress.com/2010/12/04/sqli-filter-evasion-cheat-sheet-mysql/

http://resources.infosecinstitute.com/backdoor-sql-injection/

http://evilsql.com/main/page2.php

http://pentestmonkey.net/cheat-sheet/sql-injection/mssql-sql-injection-cheat-sheet

Oracle SQLi Resources

http://pentestmonkey.net/cheat-sheet/sql-injection/oracle-sql-injection-cheat-sheet

Postgres SQLi Resources

http://pentestmonkey.net/cheat-sheet/sql-injection/postgres-sql-injection-cheat-sheet

Blind SQL Injection

https://www.owasp.org/index.php/Blind_SQL_Injection

Testing for SQL Injection (OTG-INPVAL-005)

https://www.owasp.org/index.php/Testing_for_SQL_Injection_(OTG-INPVAL-005)

SQL Injection Bypassing WAF

https://www.owasp.org/index.php/SQL_Injection_Bypassing_WAF

SQLite Resources

https://sites.google.com/site/0x7674/home/sqlite3injectioncheatsheet

Reviewing Code for SQL Injection

https://www.owasp.org/index.php/Reviewing_Code_for_SQL_Injection

NoSQL injection Resources

https://www.owasp.org/index.php/Testing_for_NoSQL_injection

PL/SQL:SQL Injection Resources

https://www.owasp.org/index.php/PL/SQL:SQL_Injection

des_ressources_et_outils_pour_les_injections_sql.txt · Dernière modification: 2020/05/29 16:45 par M0N5T3R