[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [WEB SECURITY] Mini MySqlat0r release
- From: "Hoffman, Billy" <billy.hoffman@xxxxxx>
- Subject: RE: [WEB SECURITY] Mini MySqlat0r release
- Date: Mon, 13 Oct 2008 17:23:42 +0000
This gets bonus points for using SQL injection attacks as section names in the documentation
"'03 AND 1--" "'03 AND 2--"
' OR thought LIKE '%perhaps I'm just seeing what I want to see%'--
Billy Hoffman
--
Manager, HP Web Security Research Group
HP Software - Application Security Center
Direct: 770-343-7069
-----Original Message-----
From: MiniMySqlat0r [mailto:mms@xxxxxxx]
Sent: Monday, October 13, 2008 8:49 AM
To: websecurity@xxxxxxxxxxxxx
Subject: [WEB SECURITY] Mini MySqlat0r release
Mini MySqlat0r is a multi-platform application used to audit web sites
in order to discover and exploit SQL injection vulnerabilities in
applications that use MySQL for storing data. It is written in Java and
is used through a user-friendly GUI that contains three distinct modules.
The Crawler module allows the user to view the web site structure and
gather all tamperable parameters. These parameters are then sent to the
Tester module that tests all parameters for SQL injection
vulnerabilities. If any are found, they are then sent to the Exploiter
module that can exploit the injections to gather data from the database.
Mini MySqlat0r is freely downloadable (GPL licence) from
http://www.scrt.ch/pages_en/minimysqlator.html
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
Brought to you by http://www.webappsec.org
Search this site
|