sqlmap is an automatic SQL injection tool. It can
perform extensive back-end database management
system fingerprinting, retrieve remote DBMS
databases, usernames, tables, and columns,
enumerate an entire DBMS, read system files, and
much more. It takes advantage of Web application
programming security flaws that lead to SQL
injection vulnerabilities.
License: GNU General Public License (GPL)
Changes:
This release adds support for Oracle, extends inband SQL injection functionality (--union-use) to all possible queries, adds support for extracting a database user's password hash on Microsoft SQL Server, adds a fuzzer function that parses HTML pages for standard database error messages (consequently improving database fingerprinting), adds support for SQL injection on HTTP Cookie and User-Agent headers, and has many other changes.