How to Find SQL Injection Attack Vulnerabilities?
January 2019 by Rapid SafeGuard
Today, I am sharing my resources for finding SQLi vulnerabilities. SQLi is a technique for taking over a website's database. SQLi is the most dangerous attack according to the OWASP Top 10 vulnerabilities and the SANS Top 25 vulnerabilities. I am sharing both online and offline tools through this blog.
Top 10 SQL Injection Attack Tools
1. SQL Injection Testing with Sqlmap
2. suip.biz
The online SQL injection detection service from suIP.biz supports MySQL, Oracle, PostgreSQL, Microsoft SQL, IBM DB2, Firebird, Sybase and other databases.
3. Acunetix
4. SQL Injection Test Online
Another online tool, from Hacker Target and based on SQLMap, that finds blind and error-based vulnerabilities in HTTP GET requests.
5. Scan My Server
Scan My Server by Beyond Security is a FREE scanner to test your website for malware, cross-site scripting, SQL injection and other vulnerabilities.
6. Vega
Vega is an open-source security scanner that can be installed on Linux, OS X, and Windows.
7. SQLMap
SQLMap is one of the popular open-source testing tools for performing SQL injection tests against relational database management systems.
8. SQL Inject Me
SQL Inject Me is a Firefox add-on that sends database escape strings through HTML form fields and looks for error messages in the output page.
9. Netsparker
Netsparker is one of the popular web security scanners and comes in desktop and cloud versions. It detects a large number of security flaws, including the OWASP Top 10.
10. Appspider
Appspider by Rapid7 is a dynamic application security testing solution to crawl and test a web application for more than 80 types of attack. (Paid tool)