SQL注入的链接(收藏)

[   ] Blind MySQL injection and database stressing
      http://www.reversing.org/node/view/13
[   ] Using SQLBrute to brute force data from a blind SQL injection point
      http://www.justinclarke.com/archives/2006/03/sqlbrute.html
[   ] Advanced SQL Injection In SQL Server Applications - Chris Anley <chris@ngssoftware.com> [2002]
      http://www.nextgenss.com/papers/advanced_sql_injection.pdf
[   ] (more) Advanced SQL Injection - Chris Anley <chris@ngssoftware.com> [2002-06-18]
      http://www.nextgenss.com/papers/more_advanced_sql_injection.pdf
[   ] SQL Injection, Are Your Web Applications Vulnerable? - SPI Dynamics [2004-10-29]
      http://www.securitydocs.com/library/2656
      http://www.securitydocs.com/link.php?action=detail&id=2656&headerfooter=no
      http://www.securitydocs.com/pdf/2656.PDF
[   ] Manipulating Microsoft SQL Server Using SQL Injection - Cesar Cerrudo <sqlsec@yahoo.com>
      http://www.appsecinc.com/presentations/Manipulating_SQL_Server_Using_SQL_Injection.pdf
[   ] Top 15 free SQL Injection Scanners
      http://www.security-hacks.com/2007/05/18/top-15-free-sql-injection-scanners
      SQLIer
      http://bcable.net/project.php?sqlier
      Sqlbftools
      http://www.reversing.org/node/view/11
      SQLibf
      http://www.open-labs.org/ (这里有一些HTTP相关的工具)
      SQL Brute
      http://www.gdssecurity.com/l/t.php
      BobCat
      http://www.northern-monkee.co.uk/index.html
      http://www.northern-monkee.co.uk/projects/bobcat/bobcat.html
      sqlmap
      http://sqlmap.sourceforge.net/
      Absinthe
      http://www.0x90.org/releases/absinthe/
      http://www.0x90.org/releases/absinthe/download.php
      SQL Injection Pentesting TooL
      http://sqltool.itdefence.ru/indexeng.html
      http://sqltool.itdefence.ru/setup.rar
      SQID
      http://sqid.rubyforge.org/
      http://rubyforge.org/frs/?group_id=2617
      SQL Power Injector
      http://sourceforge.net/projects/spinj/
      http://www.sqlpowerinjector.com/
      FG-Injector Framework
      http://sourceforge.net/projects/injection-fwk/
      sqlninja
      http://sqlninja.sourceforge.net/
      Automagical SQL injector
      http://www.indianz.ch/tools/attack/automagic.zip
      NGSS SQL Injector
      http://www.indianz.ch/tools/attack/sqlinjector.zip
      ISR-sqlget
      http://www.infobyte.com.ar/
      http://www.infobyte.com.ar/down/ISR-sqlget-1.0.0.tar.gz
      http://www.infobyte.com.ar/down/ISR-sqlget-Readme.txt
      http://www.infobyte.com.ar/demo/ISR_sqlget_ISS_proventia_bypass.html
      ISR-Form
      http://www.infobyte.com.ar/down/ISR-form-v1.0.tar.gz
      BlindMap
      http://www.c0debreak.net/cb/main.html
      http://codebreak.uni.cc/cb/papers/blind.html
      http://codebreak.uni.cc/downloads/sql.zip
      http://external.c0debreak.net/files/sql.zip
      http://w4ck1ng.com/tools/sql/sql.zip
      BaKo's SQL Injection Scanner v2.2 - BaKo [2007-11-29]
      http://files.h4ck-y0u.org/3745771
[   ] Web application vulnerability scanner / security auditor
      http://wapiti.sourceforge.net/
[   ] w3af - Web Application Attack and Audit Framework
      http://w3af.sourceforge.net/
[   ] advanced web server fingerprinting
      http://www.computec.ch/projekte/httprecon/
      (有windows版)
[   ] http://chorizo-scanner.com/
[   ] OWASP SQLiX Project
      http://www.owasp.org/index.php/Category:OWASP_SQLiX_Project

posted @ 2008-07-31 22:41  HappyQQ  阅读(895)  评论(0编辑  收藏  举报