posts - 31, comments - 85, trackbacks - 0

My Links

News

Archives

Post Categories
<< Auto-Using shortcut for Visual Studio 2005 IDE and Express editions | Home | Hiding a modal form and showing a new one minimizes parent window >>

Tools to detect and remove SQL injection attacks

Joe Stagner blogged about some tools available to deal with SQL injection attacks. I have used both HP Scrawlr and Microsoft ® Source Code Analyzer for SQL Injection and  I have to say they both are easy to use tools that do the job right.

Here is the post: http://www.misfitgeek.com/Tools+To+Block+And+Eradicate+SQL+Injection.aspx

The Microsoft Source Code Analyzer for SQL Injection tool: http://support.microsoft.com/kb/954476

HP Scrawlr: http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2008/06/24/finding-sql-injection-with-scrawlr.aspx

 

  • Share This Post:
  • Share on Twitter
  • Share on Facebook
  • Share on Technorati

Print | posted on Wednesday, December 17, 2008 3:39 PM | Filed Under [ Tools ]

Feedback

Gravatar

# re: Tools to detect and remove SQL injection attacks

WebCruiser - Web Vulnerability Scanner
WebCruiser - Web Vulnerability Scanner, a compact but powerful web security scanning tool that will aid you in auditing your site! It has a Vulnerability Scanner and a series of security tools.

It can support scanning website as well as POC( Prooving of concept) for web vulnerabilities: SQL Injection, Cross Site Scripting, XPath Injection etc. So, WebCruiser is also an automatic SQL injection tool, a XPath injection tool, and a Cross Site Scripting tool!

Function:
* Crawler(Site Directories And Files);
* Vulnerability Scanner(SQL Injection, Cross Site Scripting, XPath Injection etc.);
* POC(Proof of Concept): SQL Injection, Cross Site Scripting, XPath Injection etc.;
* GET/Post/Cookie Injection;
* SQL Server: PlainText/Union/Blind Injection;
* MySQL: PlainText/Union/Blind Injection;
* Oracle: PlainText/Union/Blind/CrossSite Injection;
* DB2: Union/Blind Injection;
* Access: Union/Blind Injection;
* Post Data Resend;
* Administration Entrance Search;
* Time Delay For Search Injection;
* Auto Get Cookie From Web Browser For Authentication;
* Report Output.

http://sec4app.com/
6/7/2010 10:14 PM | MSSQL SERVER
Post A Comment
Title:
Name:
Email:
Website:
Comment:
Verification:
 
 

Powered by:

Copyright © bullpit