Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs  Black Box Testing  Vulnerability Assessment  Vulnerability Scanner SecuriTeam™ in Your Inbox   E-mail this article to a friend New vulnerability? New tool? Tell us	SQID - SQL Injection Digger 14 Jan. 2008     Credit: The information has been provided by Metaeye SG. To keep updated with the tool visit the project's homepage at: http://sqid.rubyforge.org    Details Audit your web server for security holes - see what the hackers see. Sign up for a scan today - risk free! SQL injection digger is a command line program that looks for SQL injections and common errors in websites. This version now can perform the following operations.  * Look for SQL injections and common errors in website urls found by performing a google search  * Look for SQL injections and common erros in a given url or a file with urls  * Look for SQL injections and common errors in links from a web page  * Crawl a website/webpage and do the above Also supports:  * Load multiple triggers from file  * Load multiple signature databases from files  * HTTPS support  * HTTP proxy support with authentication  * Basic authentication  * Specify user agent  * Specify referer  * HTTP Cookies loading from command line or a file SQID's greatest strength lies in its simple architecture of inserting triggers in URL parameters and matching responses using regular expressions. Hence one can use it for other purposes also.  Comments: Subject:   Date:  From:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews  Related Articles SSL Capable NetCat ProxyStrike - Active Web Application Proxy McGrew Security RAM Dumper Creddump - Extracts Credentials from Windows Registry Hives w3af - Web Application Attack and Audit Framework Browser DOM Checker SQLninja - SQL Injection Toolkit Pass-The-Hash Toolkit Rainmaker - Command Line Pseudo Random Number Generator SQID - SQL Injection Digger Nipper - Network Infrastructure Parser PortBunny - Linux-kernel-based Port Scanner httprecon - Advanced Web Server Fingerprinting The Cookie Tools EchoVNC - Firewall Friendly Remote Desktop  Featured Articles Multiple Vendor rdesktop Vulnerabilities Wonderware SuiteLink Denial of Service Vulnerability PHP Multibyte Shell Command Escaping Bypass Vulnerability Akamai Download Manager Arbitrary Program Execution Vulnerability SugarCRM Community Edition Local File Disclosure Vulnerability Insufficient Argument Validation of Hooked SSDT Functions on Multiple Antivirus and Firewalls Wordpress Cookie Integrity Protection Vulnerability
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs

Copyright © 1998-2008 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®