As i am a web developer and we are often confused while designing a database either is safe from SQL injection or not..? here i found a very impressive tool by which we can test the SQL injection percentage on the test server. You can use it for secure your self. SQL Injection vulnerabilites can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is Firefox Extension used to test for SQL Injection vulnerabilities.
Download SQL Inject Me 0.4.4 for
Its Add-ons for Firefox
Tool 1
Version 0.4.4
Works with Firefox: 2.0.0.8 – 3.6a1pre
Updated May 5, 2009
Developer Security Compass
Rating Rated 4 out of 5 stars
Tool 2
Version 1.3
Works with Firefox: 3.0 – 3.6a1pre
Updated July 21, 2009
Developer danielneto.com
Rating Rated 4 out of 5 stars
SQL Injection vulnerabilites can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is Firefox Extension used to test for SQL Injection vulnerabilities.
SQL Inject Me is the Exploit-Me tool used to test for SQL Injection vulnerabilities.
The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an SQL Injection attack.
The tool works by sending database escape strings through the form fields. It then looks for database error messages that are output into the rendered HTML of the page.
The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool.
You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.
Tool 1: DOWNLOAD HERE
Tool 2: DOWNLOAD HERE
0 comments
Post a Comment