SOLDIERX.COM Nobody Can Stop Information Insemination

bsqlbf-v2 or Blind Sql Injection Brute Forcer version 2 is a perl script that allows extraction of data from Blind SQL Injections. It accepts custom SQL queries as a command line parameter and it works for both integer and string based injections. It supports MySQL, Oracle, PostgreSQL and Microsoft SQL Server databases.

VulnDetector is a project coded in python which scans a website and detects various web based security vulnerabilities in the website. It was developed by Brad Cable who is into coding open source tools.

SQL Power Injector is an application created in .Net 1.1 that helps the penetration tester to find and exploit SQL injections on a web page.

For now it is SQL Server, Oracle, MySQL, Sybase/Adaptive Server and DB2 compliant, but it is possible to use it with any existing DBMS when using the inline injection (Normal mode). Indeed, the normal mode is basically the SQL command that someone will put in the parameter sent to the server.

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.
It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system.

Pangolin is a penetration testing, SQL Injection test tool on database security. It finds SQL Injection vulnerabilities.Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user”s specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more.

creepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application where all the retrieved data is shown accompanied with relevant information (i.e. what was posted from that specific location) to provide context to the presentation.

MSSQLScanner is a multithreaded java based dictionary attack tool with the capability of spawning an SQL Query Shell and xp_cmdshell for pentesting your MS SQL Database server.

“PostgreSQL is a powerful, open source object-relational database system. It has more than 15 years of active development and a proven architecture that has earned a strong reputation for reliability, data integrity, and correctness.

This java based application helps you parse contents of your script e.g. PHP scripts and automatically convert it as hex value, some pentesters use this method to test for possible sql injection vulnerability in a website.

Firebug is an add-on for Firefox that provides access to browser internals. It features live editing of HTML and CSS, a DOM viewer, and a JavaScript debugger. Web application security testers appreciate the ability to see what's happening behind the scenes of the browser.