国外一些 SQL Injection 扫描工具列表

1人收藏此文章, 发表于1年前(2012-04-28 08:47) , 已有
285次阅读 ,共
个评论

sqlmap ( ) 非常不错的工具 神器 速度很快

参数很详细

Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.
Partial support for: Microsoft Access, DB2, Informix, Sybase and Interbase.

Safe3 SQL Injector ( )

Full support: MySQL, Oracle, PostgreSQL, MSSQL, ACESS, DB2, Sybase, Sqlite.

SQL Power Injector ( )

Supports: Microsoft SQL Server, Oracle, MySQL, Sybase / Adaptive Server and DB2.

Absinthe ( )

Supports: Microsoft SQL Server, MSDE, Oracle, and Postgres.

bsqlbf-v2 ( )

Supports: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.

Marathon Tool ( )

Supports: MySQL, Oracle, Microsoft SQL Server and Microsoft Access.

Havij ( )

国内有PRO版本的破解版 Hmily大牛破解的 不过我一个有正版的哥们说还是有一点小小的差异 不过嘛 破解版的做到这步已经灰常不错了 国外很多破解版都比不上。。。国人的骄傲吧

Supports: MySQL, Oracle, Microsoft SQL Server and Microsoft Access.

pysqlin ( )

Implemented: Oracle, MySQL and Microsoft SQL Server.

BSQL Hacker ( )

Implemented: Oracle and Microsoft SQL Server.
Available experimental support for MySQL.

WITOOL ( )

Implemented: Oracle and Microsoft SQL Server.

Sqlninja ( ) 只支持MSSQL 不过还不错 貌似要在配置文件里修改参数 很少用。。。。

Supports only Microsoft SQL Server.

sqlus ( )

Supports only MySQL.

DarkMySQLi16.py ( )

Supports only MySQL.

mySQLenum ( )

Supports only MySQL.

PRIAMOS ( )

Supports only Microsoft SQL Server.

SFX-SQLi ( )

Supports only Microsoft SQL Server.

DarkMySQL ( )

Supports only MySQL.

ProMSiD Premium ( )

Supports only MySQL.

yInjector ( )

Supports only MySQL.

Bobcat SQL Injection Tool ( )

ExploitMyUnion ( )
Laudanum ( )
Hexjector ( )
WebRaider ( )
Supports only Microsoft SQL Server.
Designed to execute commands on the server (reverse shell).
Pangolin ( )
Pangolin distributed on a commercial basis, but is also available in a free version with limited functionality.
Implemented: Oracle, Microsoft SQL Server 2000/2005, Sybase, Access, Mysql, DB2 and Informix.

(SQL injection supported DB: Mysql, Mssql, Sybase, Postgresql, Access, Oracle, Firebird / Interbase):