Tag Archives: injection

GUI for sqlmap

GUI for sqlmap | An excellent python based GUI for sqlmap is available here: https://code.google.com/p/gui-for-sqlmap/ On Debian or Ubuntu, here is how to install: $ sudo apt-get install python-tk python2.7 sakura $ git clone git://github.com/sqlmapproject/sqlmap.git $ cd sqlmap $ wget http://gui-for-sqlmap.googlecode.com/files/sqm-17612.zip $ unzip sqm-17612.zip $ python2.7 sqm.pyw Cool!

WPScan WordPress Vulnerability Scanner

WPScan WordPress Vulnerability Scanner | WPScan is a nifty WordPress vulnerability scanner. It can do things such as scan for installed plugins and provide vulnerability information based on results. It is part of Backtrack, which is handy as well! Here’s how wpscan looks checking scottlinux.com: root@bt:/pentest/web/wpscan# ruby wpscan.rb –url scottlinux.com –enumerate p

Test Your Server for SQL Injection

Test Your Server for SQL Injection | Q: What tools are used for testing for MySQL and other database injection vulnerabilities? The following are often used to automate testing for SQL injections by network and security admins: sqlmap – automatic SQL injection and database takeover tool Havij – automated SQL injection tool metasploit – security framework (Metasploit as you may be aware