Outils d'utilisateurs

Outils du Site


des_ressources_et_outils_pour_les_injections_sql

Différences

Cette page vous donne les différences entre la révision choisie et la version actuelle de la page.

Lien vers cette vue

des_ressources_et_outils_pour_les_injections_sql [2019/10/23 13:45]
M0N5T3R
des_ressources_et_outils_pour_les_injections_sql [2020/05/29 16:45] (Version actuelle)
M0N5T3R
Ligne 1: Ligne 1:
 FIXME **Le PAD pour proposer une amélioration à cette page :** https://pad.zenk-security.com/p/merci FIXME **Le PAD pour proposer une amélioration à cette page :** https://pad.zenk-security.com/p/merci
 +
 +====== Une liste d'outils pour exploiter les Injections SQL  : ======
 +
 +**SQLi scanner en ligne avec version gratuite** 
 +
 +
 +🛠 https://pentest-tools.com/website-vulnerability-scanning/sql-injection-scanner-online#
 +
 +** Les outils **
 +🛠 An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap. https://github.com/sheldoncoupeheure/AutoSQLi
 +
 +
 +🛠 Have fun injecting SQL into a Ruby on Rails application! https://github.com/presidentbeef/inject-some-sql
 +
 +🛠 0xbug/SQLiScanner Automatic SQL injection with Charles and sqlmap api https://github.com/0xbug/SQLiScanner
 +
 +
 +🛠 massive SQL injection vulnerability scanner https://github.com/the-robot/sqliv
 +
 +
 +🛠 SQLMap — Automatic SQL Injection And Database Takeover Tool https://github.com/sqlmapproject/sqlmap
 +free sqlmap online : https://pentest-tools.com/exploit-helpers/sqli-exploit-tool-sqlmap-online#
 + 
 +🛠 SQLSus is another open source SQL injection tool and is basically a MySQL injection and takeover tool http://sqlsus.sourceforge.net/   
 +
 +sqli-mass-scanner massive SQL injection vulnerability scanner https://github.com/forxml/sqli-mass-scanner
 +
 +🛠 Safe3 SQL injector is another powerful but easy to use SQL injection tool.  http://sourceforge.net/projects/safe3si/
 +
 +🛠 SQLninja is a SQL injection tool that exploits web applications that use a SQL server as a database server. http://sqlninja.sourceforge.net/
 +
 +🛠 BSQL hacker is a nice SQL injection tool that helps you perform a SQL injection attack against web applications. https://resources.infosecinstitute.com/best-free-and-open-source-sql-injection-tools/#download
 +
 +🛠 PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server https://github.com/NetSPI/PowerUpSQL
 +    
 +🛠 jSQL Injection — Java Tool For Automatic SQL Database Injection https://github.com/ron190/jsql-injection
 +    
 +🛠 BBQSQL — A Blind SQL-Injection Exploitation Tool https://github.com/Neohapsis/bbqsql
 +    
 +🛠 NoSQLMap — Automated NoSQL Database Pwnage https://github.com/codingo/NoSQLMap
 +    
 +🛠 Whitewidow — SQL Vulnerability Scanner https://www.kitploit.com/2017/05/whitewidow-sql-vulnerability-scanner.html
 +    
 +🛠 DSSS — Damn Small SQLi Scanner https://github.com/stamparm/DSSS
 +    
 +🛠 explo — Human And Machine Readable Web Vulnerability Testing Format https://github.com/dtag-dev-sec/explo
 +    
 +🛠 Blind-Sql-Bitshifting — Blind SQL-Injection via Bitshifting https://github.com/awnumar/blind-sql-bitshifting
 +    
 +🛠 Leviathan — Wide Range Mass Audit Toolkit https://github.com/leviathan-framework/leviathan
 +    
 +🛠 Blisqy — Exploit Time-based blind-SQL-injection in HTTP-Headers (MySQL/MariaDB) https://github.com/JohnTroony/Blisqy
 +
 +
 +====== Des ressources et outils pour les injections SQL ======
 +
  
 **SQLi General Resources** **SQLi General Resources**
  
-SQLMap l'outil le plus connu d'automatisation de détection et d'exploitation d'injection SQL. https://github.com/sqlmapproject/sqlmap 
  
 http://www.w3schools.com/sql/sql_injection.asp http://www.w3schools.com/sql/sql_injection.asp
Ligne 32: Ligne 87:
  
 http://resources.infosecinstitute.com/backdoor-sql-injection/ http://resources.infosecinstitute.com/backdoor-sql-injection/
- 
-**MSSQLi Resources** 
  
 http://evilsql.com/main/page2.php http://evilsql.com/main/page2.php
Ligne 46: Ligne 99:
  
 http://pentestmonkey.net/cheat-sheet/sql-injection/postgres-sql-injection-cheat-sheet http://pentestmonkey.net/cheat-sheet/sql-injection/postgres-sql-injection-cheat-sheet
 +
 +**Blind SQL Injection**
 +
 +https://www.owasp.org/index.php/Blind_SQL_Injection
 +
 +**Testing for SQL Injection (OTG-INPVAL-005)**
 +
 +https://www.owasp.org/index.php/Testing_for_SQL_Injection_(OTG-INPVAL-005)
 +
 +**SQL Injection Bypassing WAF**
 +
 +https://www.owasp.org/index.php/SQL_Injection_Bypassing_WAF
  
 **SQLite Resources** **SQLite Resources**
  
 https://sites.google.com/site/0x7674/home/sqlite3injectioncheatsheet https://sites.google.com/site/0x7674/home/sqlite3injectioncheatsheet
 +
 +**Reviewing Code for SQL Injection**
 +
 +https://www.owasp.org/index.php/Reviewing_Code_for_SQL_Injection
 +    
 +**NoSQL injection Resources**
 +
 +https://www.owasp.org/index.php/Testing_for_NoSQL_injection
 +
 +**PL/SQL:SQL Injection Resources**
 +    
 +https://www.owasp.org/index.php/PL/SQL:SQL_Injection
des_ressources_et_outils_pour_les_injections_sql.1571831104.txt.gz · Dernière modification: 2019/10/23 13:45 par M0N5T3R